Dangers of Shellshock exploit overexaggerated

Shellshock isn’t just an antiquated term for Vietnam War veterans, it’s now the latest computer exploit and it’s supposed to be even more dangerous than Heartbleed, a recent virus that collected personal information through similar vulnerabilities.

“It’s nothing to worry about for the average Mac user,” said Jim Ferr, the tech team leader and server specialist for Durham College’s school of Media, Art and Design.

This isn’t a virus that can infect your computer. Shellshock is a security exploit that already exists in your machine if you use UNIX systems, which includes Mac OS X and Linux. It takes advantage of vulnerabilities in Bash, a command prompt program.

Ferr stressed that Durham College’s servers are safe as he applied the patch and closed the vulnerability already and says most people who run servers will have closed the vulnerability already.

According to Internet security company AVG, Shellshock can infiltrate a network and do anything from stealing data, turning computers into spam bots, to gaining remote control of computers. Though these outcomes won’t likely affect end-user computers, according to The Safe Mac website, they could affect anyone who runs servers from their computers.

Apple has already released a patch, available through the Apple Support website, which helps close up the vulnerabilities that Bash made available to remote attackers.

According to Ferr the patch has to be applied by users and hasn’t been made a part of regular updates.

Here are four steps you can take to make sure you are protected:

  • Download the Apple patch from their support website
  • If you have a wireless router phone your service provider to ensure it is not at risk
  • Don’t visit suspicious websites or open strange e-mails
  • Change passwords on websites you use if they may have been compromised by the bug

This exploit could still affect users even if they take the proper precautions. If Shellshock targets servers or websites it can gather user info even if the user has taken these security measures according to The Safe Mac website.

Even PC users could be at risk if they access sites that run their servers through UNIX if they have data stored on that server.

According to AVG the biggest step in staying secure is to avoid suspicious websites as well as not opening suspicious e-mails with strange links.