BoxFabric Managed Hosting Mitigates Linux Shellshock Exploit

  • 10/01/2014

Last week a software vulnerability targeting Apple and Linux systems was reported by various security experts. Known as Shellshock or Bash (Bourne-Again Shell), this bug could be exploited to compromise millions of servers and devices worldwide. Shellshock was reported to be more serious than the Heartbleed vulnerability that received industry attention in April 2014.

Heartbleed was discovered to affect software used by servers to encrypt and secure communications, whereas Shellshock was said to allow an attacker the ability to take control of systems through a discovered exploitation on Linux-based operating systems and Apple OS X. The exploit was found in a software package command line interpreter, or shell, that provides a way to run commands on a computer.

There was no reported intrusion attempts to our systems, and no BoxFabric clients or infrastructure were compromised.

As part of our managed hosting service, and our proactive 24/7/365 vulnerability monitoring, last week the BoxFabric support team updated and patched any systems and infrastructure affected according to recommended procedures by respective Linux or Unix-based OS vendors where appropriate.

If you have specific questions, please contact our support team.