Last Wednesday the WebSight Design server support team sprang into action after news broke about the Bash Bug, an internet security flaw that has been lurking in software on hundreds of millions of devices for the past 22 years. Also known as the "Shellshock" bug, it's considered by most security experts to be even bigger and more dangerous than the Heartbleed bug, which took the Internet by storm back in April. The man who discovered the Bash bug, software developer Stephane Chazelas of Akamai Technologies Inc., is quoted as saying "The realisation of the scale and impact of [it] and what I had in my hands was quite scary." (The Sydney Morning Herald). That's because while Heartbleed exposed sensitive information to the prying eyes of Internet hackers, the Bash vulnerability actually gives them control of your device to install applications or execute code. True to its name, the Bash bug exploits a commonly used piece of system software called "Bash." Bash is a command shell that runs on Unix and Linux devices, as well as on Mac OS X, and is installed on a wide range of Internet-connected devices. Millions of computers, phones, routers, and even medical devices and industrial equipment are at risk for potential attack. The National Institute of Standards and Technology has rated the Bash bug a 10 out of 10 on its severity scale. By comparison, the Heartbleed bug was only a 5. That should give you some idea as to the seriousness of the threat. At the same time that the Shellshock bug was disclosed to the public last Wednesday, a patch was released to address it. Our team at WebSight Design wasted no time in installing the patch and updating all of our 80+ servers to secure against the threat, completing the task within hours of the bug's first announcement. When it comes to the security of your website, can your web host say the same? We take great pride in ensuring all of our clients' websites are safe and secure, staying on top of the very latest patches and security updates. With the recent Home Depot hack and all the other possible threats out there, our server support team is on call 24/7. If you're unsure as to whether or not your hosting provider took quick action to defend against the Bash vulnerability, it's worth it to find out. Sometimes a matter of hours can make all the difference in the world.
How To Avoid Shellshock: WSD's Quick Response To The Bash Bug