New bug worse than Heartbleed

Security experts are flagging a new bug in Bash, a type of popular Linux software, saying it could be more dangerous to users than Heartbleed.

Bash, which is used to control the command prompt on Unix computers, contains a bug that would allow hackers to take over a system. Built by the Free Software Foundation, a non-profit organization, the software was designed for users to initiate command prompts.

While Heartbleed was widespread and sparked headlines in the news, the vulnerability in Bash is considered riskier as Heartbleed only allowed attackers to spy on users through their computers, according to a story published today in the Financial Post.

What you need to know:

– It’s not just security experts who have issued warnings about the bug in Bash. The United States Computer Emergency Readiness, a branch of the U.S. Department of Homeland Security, has sent out an alert about the bug, which could affect anyone using Linux or Apple Inc.’s Mac OS X. The department has since told consumers to install operating systems updates. While Red Hat Inc. has reportedly already built them for Linux, Apple has yet to create one for Mac OS X.

– It’s even easier to exploit the vulnerability in Bash than it was for hackers to take advantage of Heartbleed, one security expert says. Dan Guido, chief executive of Trail of Bits, was quoted in the Financial Post as saying using this vulnerability is as easy as a quick copy-and-paste job.

– The vulnerability in Bash could be a headache for a lot of companies, as IT administrators will be scrambling to patch computers that run Linux or Mac OS X and that also access the Internet. For larger organizations, that task could take some time to finish.

– Even if companies patch their Linux and Mac OS X machines for the vulnerability, there’s still a fear out there that the patches aren’t enough, and that hackers could still find ways to exploit the bug. That means companies may need to consider another way to protect their systems, on top of issuing patches.


Would you recommend this article?


Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.

Jim Love, Chief Content Officer, IT World Canada

Featured Download

Featured Articles

Empowering the hybrid workforce: how technology can build a better employee experience

Across the country, employees from organizations of all sizes expect flexibility...

What’s behind the best customer experience: How to make it real for your business

The best customer experience – the kind that builds businesses and...

Overcoming the obstacles to optimized operations

Network-driven optimization is a top priority for many Canadian business leaders...

Thriving amid Canada’s tech talent shortage

With today’s tight labour market, rising customer demands, fast-evolving cyber threats...

Staying protected and compliant in an evolving IT landscape

Canadian businesses have changed remarkably and quickly over the last few...

Related Tech News

Tech Jobs

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Tech Companies Hiring Right Now