Website vulnerability exploited by new Shellshock bug
A newly discovered bug in Bash software component potentially affecting anyone visiting a website hosted on a vulnerable server.
What is the Shellshock bug?
Over the past week it’s more than likely that you’ve heard of either Shellshock or Bash Bug - A newly discovered vulnerability found in a software component called Bash, which affects only Linux or Unix operating systems. If successfully exploited it would allow an attacker to gain control of targeted computers or servers.
How dangerous is it?
Do you remember HearthBleed? Well, the Shellshock Bug could be an even bigger threat. The America’s National Institute of Standards & Technology issued a warning, rating this 10/10 for severity in their vulnerability database. Attackers can potentially take over the operating system, access confidential information, make changes or even delete everything! It takes a very low lever of skill to take advantage of this vulnerability, so analysts expect a large number of sites (and people) to be exploited by this bug, and the potential impact of this should not be underestimated.
Is my website vulnerable?
Very likely, if your website is running on Linux hosting.
Very unlikely, if your website is running on Microsoft hosting.
Approximately 10% of computers run Linux or OS X, excluding the Linux servers and other connected devices. Compared to the HeartBleed bug which affected an estimated 500 million computers, the Shellshock bug is expected to affect at least as many devices.
How do I know if I am vulnerable and how to protect my website?
We’re here to help. If you are unsure whether you may be affected by this bug, give us a call immediately at:
Tel: 0203 371 7354