The Shellshock Bug is in ALL the news today...
There is a lot of news about the so-called Shellshock bug that’s hitting the media today. BBC News, CTV News, and CBC News, among many others have been alerting its readers about this latest vulnerability. However, before we get to that, let me emphatically state something:
ETELESOLV IS NOT VULNERABLE TO THE SHELLSHOCK BUG, AND YOUR VALUABLE DATA THAT YOU’VE ENTRUSTED TO US IS SAFE FROM THIS EXPLOIT.
What is the Shellshock bug?
Now that we’ve gotten that critical statement out of the way, it’s time we do what we do best – provide clarity and transparency on crucial data!
To summarize, the Shellshock vulnerability, or more formally, the “GNU Bourne Again Shell (Bash) ‘Shellshock’ Vulnerability (CVE-2014-6271, CVE-2014-7169)” is a critical vulnerability that impacts the following operating systems/shells:
- GNU Bash through 4.3.
- Linux, BSD, and UNIX distributions including but not limited to:
- CentOS 5 through 7
- Mac OS X
- Red Hat Enterprise Linux 4 through 7
- Ubuntu 10.04 LTS, 12.04 LTS, and 14.04 LTS
Among the reasons for which the Shellshock bug is making such a big media splash is because the US Department of Homeland Security issued an alert on the bug. Other reasons include the fact that:
- Hackers using this exploit can take complete control of vulnerable machines
- This bug’s impact has been classified as “high” by industry standards (i.e., the risk that it poses is high!)
- Literally hundreds of millions of machines are at risk!
Currently, patches have been released to plug the vulnerability, but the patches do not necessarily fix the entire problem! Basically, if you’re using the above-listed systems (or network vectors from the vendors on this list), go to their respective websites/communities to see what patches or workarounds have been created! And be sure to check regularly for updates!
Why Cimpl is safe from the Shellshock bug!
Vincent Parisien, Vice-President of Technology for Cimpl, supplies the answer: “Cimpl’s products are built on Microsoft platforms, and hence not impacted by this exploit. More to the point, we’re constantly applying vendor security patches and verifying our products and security features to ensure that our products are thoroughly safeguarded. We deeply cherish our customers’ faith in us, and we do everything we can to continuously uphold that trust!”
A few quick final words
Cimpl is Canada’s leader in IT and telecom expense management. We attained this position because we build the finest software products and because we’re constantly on the lookout for the latest developments, both in terms of forward-looking technology AND in terms of ways of warding off threats! Contact us to find out more!