Apple Releases OS X Bash Update to Fix 'Shellshock' Security Flaw in Mavericks, Mountain Lion, and Lion

MacRumors

macrumors bot
Original poster
Apr 12, 2001
48,662
10,081



Apple today released OS X bash update 1.0 for OS X Mavericks to fix a vulnerability in the bash UNIX shell.

The security flaw, known in the media as "Shellshock," was discovered last week. Uncovered by security researchers, the exploit in the bash command shell in OS X and Linux could be used to deploy malicious code.

According to an Apple spokesperson, most OS X users were not at risk form the bash vulnerabilities, but the company promised to work quickly to provide an update.
Bash, a UNIX command shell and language included in OS X, has a weakness that could allow unauthorized users to remotely gain control of vulnerable systems. With OS X, systems are safe by default and not exposed to remote exploits of bash unless users configure advanced UNIX services. We are working to quickly provide a software update for our advanced UNIX users.
Along with the fix for OS X Mavericks, Apple has released updates for both OS X Lion and OS X Mountain Lion. There is no Yosemite download available as of yet, but Apple may be planning to issue a fix in the near future. The three updates are available via Apple's support pages and should be available via the Software Update tool soon.

Article Link: Apple Releases OS X Bash Update to Fix 'Shellshock' Security Flaw in Mavericks, Mountain Lion, and Lion
 

arian19

macrumors 6502
Jul 9, 2008
364
62
I was waiting for this fix before I even started using my mac again.

/sarcasm
 

mactumors

macrumors 6502
Aug 3, 2008
304
27
So if my system is set to the safe defaults then should I download this? It's not in Software Update. Is it not recommended for everyone?
 
Last edited:

Xenomorph

macrumors 65816
Aug 6, 2008
1,309
553
St. Louis
Before:

Code:
$ bash --version
GNU bash, version 3.2.51(1)-release (x86_64-apple-darwin13)
After:

Code:
$ bash --version
GNU bash, version 3.2.53(1)-release (x86_64-apple-darwin13)
 

ArtOfWarfare

macrumors G3
Nov 26, 2007
8,697
4,304
Did Apple simply update the version of Bash? As I recall, the version that ships with OS X is years old.
 
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.