Users are reporting a newly discovered security bug in the Linux Bash Software that could prove to be a bigger threat than ‘Heartbleed’ that was reported back in April 2014.
This long-standing ‘Bash’ command flaw has been found to leave users of Linux and OS X more susceptible to security attacsk. It allows hackers to run any code they desire through a common Unix command shell (called Bash), as soon as the shell starts running. It means the hacker can then gain control over any networked device that runs the Bash Software and can bypass any pre-set limits on the commands remote users can access.
Although some companies have released patches for multiple Linux variants (CentOS, Redhat and Debian) due to the age and ubiquity of the Bash software exploit, some older servers and other internet-connected devices won’t be fixed.
Engadget notes that “it’s hard to know exactly how far reaching the damage may be and that “it could take years before there’s no longer a significant threat”.