Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

MacRumors

macrumors bot
Original poster
Apr 12, 2001
63,931
31,492



Apple today released OS X bash update 1.0 for OS X Mavericks to fix a vulnerability in the bash UNIX shell.

The security flaw, known in the media as "Shellshock," was discovered last week. Uncovered by security researchers, the exploit in the bash command shell in OS X and Linux could be used to deploy malicious code.

bashupdate.jpg
According to an Apple spokesperson, most OS X users were not at risk form the bash vulnerabilities, but the company promised to work quickly to provide an update.
Bash, a UNIX command shell and language included in OS X, has a weakness that could allow unauthorized users to remotely gain control of vulnerable systems. With OS X, systems are safe by default and not exposed to remote exploits of bash unless users configure advanced UNIX services. We are working to quickly provide a software update for our advanced UNIX users.
Along with the fix for OS X Mavericks, Apple has released updates for both OS X Lion and OS X Mountain Lion. There is no Yosemite download available as of yet, but Apple may be planning to issue a fix in the near future. The three updates are available via Apple's support pages and should be available via the Software Update tool soon.

Article Link: Apple Releases OS X Bash Update to Fix 'Shellshock' Security Flaw in Mavericks, Mountain Lion, and Lion
 

arian19

macrumors demi-god
Jul 9, 2008
369
62
I was waiting for this fix before I even started using my mac again.

/sarcasm
 

mactumors

macrumors 6502
Aug 3, 2008
306
29
So if my system is set to the safe defaults then should I download this? It's not in Software Update. Is it not recommended for everyone?
 
Last edited:

Xenomorph

macrumors 65816
Aug 6, 2008
1,398
831
St. Louis
Before:

Code:
$ bash --version
GNU bash, version 3.2.51(1)-release (x86_64-apple-darwin13)

After:

Code:
$ bash --version
GNU bash, version 3.2.53(1)-release (x86_64-apple-darwin13)
 

ArtOfWarfare

macrumors G3
Nov 26, 2007
9,572
6,083
Did Apple simply update the version of Bash? As I recall, the version that ships with OS X is years old.
 
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.