Shellshock: Apple assures OS X users over Bash Bug risks

Apple has moved to assure users of its Mac OS X operating system about the security of their machines, in the face of the recently discovered Shellshock (Bash) bug.

As reported by IT Pro yesterday, the vulnerability affects Bash command-line shell used to power Linux and Unix-based operating systems, which include OS X.

This has the potential to be seized upon by cyber attackers to remotely execute arbitrary code on an affected system and, in turn, take control of a person's machine.

Furthermore, it's estimated that around 60 per cent of the world's Apache-based websites also rely on Bash to run background applications, potentially putting them at risk too.

For this reason, Shellshock or the Bash Bug, as some have dubbed it has been dubbed "bigger than Heartbleed", in reference to the OpenSSL flaw that wreaked havoc on the web earlier this year.

However, Apple has been quick to tell users of its OS X desktop operating system that there is no need to panic, as there is a good chance the flaw will not affect them.

Speaking to Apple tech site iMore, an Apple spokesperson said: "The vast majority of OS X users are not at risk to recently reported Bash vulnerabilities.

"Bash, a Unix command shell and language included in OS X, has a weakness that could allow unauthorised users to remotely gain control of vulnerable systems.

"With OS X, systems are safe by default and not exposed to remote exploits of Bash unless users configure advanced Unix services. We are working to quickly provide a software update for our advanced Unix users."

Caroline Donnelly is the news and analysis editor of IT Pro and its sister site Cloud Pro, and covers general news, as well as the storage, security, public sector, cloud and Microsoft beats. Caroline has been a member of the IT Pro/Cloud Pro team since March 2012, and has previously worked as a reporter at several B2B publications, including UK channel magazine CRN, and as features writer for local weekly newspaper, The Slough and Windsor Observer. She studied Medical Biochemistry at the University of Leicester and completed a Postgraduate Diploma in Magazine Journalism at PMA Training in 2006.