Heartbleed. Shellshock. Well we’ve learned the names of these dangerous bugs that sound like Taylor Swift song titles. Heartbleed affected virtually every website out there. It was a notorious bug that had laid dormant for years and while the fix was easy, it had to be implemented by every individual developer.
Security expert Robert Graham says Shellshock is bigger than Heartbleed.
But while apps in OS X run in a sandboxed mode, they do talk to each other – to offload tasks to other apps or to ask for system level functionality. All this talk takes place using code, in the Terminal.
During one of these exchanges, one app can add the prefix in the quotes and turn it into a command. These commands can either wipe your computer, render it useless, copy the contents of your drive or any number of things possible via the command line.
How To Patch The Shellshock Bug
Fortunately, Apple has said that only a small number of OS X users are susceptible to the Shellshock bug. But it’s advisable that if you are on a Mac running OS X Lion, Mountain Lion or Mavericks, install the fix update from the links below. There’s no fix for Yosemite beta users yet.