McMaster UTS team working to address ‘Shellshock’ bug

A new computer vulnerability, known as Shellshock, is currently being investigated by McMaster’s UTS team.

Shellshock exploits a hole in Bash software (often used in Unix-based operating systems) that lets an outsider’s code be processed and executed on a user’s computer. Many Unix-based operating systems, including Linux and Apple’s OS X, can potentially be affected.

McMaster is actively patching systems that have already been identified as affected, and is actively scanning all public-facing web servers and systems. The University will continue to monitor the situation as it develops and do whatever is necessary to protect systems and information.

Some systems running variations of Linux, Unix, Apache and OS X may be affected. Vulnerability can be, among other methods, exploited via the web browser interface and as such many web sites may be vulnerable.

Please direct questions and concerns to Deborah Dixon at ddixon@mcmaster.ca.