Apple Releases OS X Bash Update to Fix 'Shellshock' Security Flaw in Mavericks, Mountain Lion, and Lion

by

Apple today released OS X bash update 1.0 for OS X Mavericks to fix a vulnerability in the bash UNIX shell.

The security flaw, known in the media as "Shellshock," was discovered last week. Uncovered by security researchers, the exploit in the bash command shell in OS X and Linux could be used to deploy malicious code.

bashupdate
According to an Apple spokesperson, most OS X users were not at risk form the bash vulnerabilities, but the company promised to work quickly to provide an update.

Bash, a UNIX command shell and language included in OS X, has a weakness that could allow unauthorized users to remotely gain control of vulnerable systems. With OS X, systems are safe by default and not exposed to remote exploits of bash unless users configure advanced UNIX services. We are working to quickly provide a software update for our advanced UNIX users.

Along with the fix for OS X Mavericks, Apple has released updates for both OS X Lion and OS X Mountain Lion. There is no Yosemite download available as of yet, but Apple may be planning to issue a fix in the near future. The three updates are available via Apple's support pages and should be available via the Software Update tool soon.

Related Forum: OS X Mavericks

Top Rated Comments

andyyardley Avatar
andyyardley
124 months ago
Will this update break my wifi? Or delete all my files?
Score: 10 Votes (Like | Disagree)
chrisgeleven Avatar
chrisgeleven
124 months ago
Not seeing it in the App Store yet.
Score: 9 Votes (Like | Disagree)
gnasher729 Avatar
gnasher729
124 months ago
It's a very highly published and potently exploitable bug. You don't need to be running a server for it to be exploited.

It could, for example, be exploited by malware that you download. The bash patch should be applied by everyone.

That's like saying that the door of my house is not safe, because someone could climb through my windows and open it from inside.

If you were stupid enough to have downloaded malware, that malware doesn't need to exploit any bugs in bash. It can just use bash.
Score: 8 Votes (Like | Disagree)
sconnor99 Avatar
sconnor99
124 months ago
Careful guys. This update disables your MacBook's keyboard.


!!@£!@$@%£^£&**(!!
Score: 8 Votes (Like | Disagree)
Xenomorph Avatar
Xenomorph
124 months ago
Before:


$ bash --version
GNU bash, version 3.2.51(1)-release (x86_64-apple-darwin13)


After:


$ bash --version
GNU bash, version 3.2.53(1)-release (x86_64-apple-darwin13)
Score: 8 Votes (Like | Disagree)
jayducharme Avatar
jayducharme
124 months ago
sucks for yosemite users.

I wonder if Yosemite is already fixed.

Hopefully, this update won't delete documents and kill your modem...
Score: 8 Votes (Like | Disagree)
Read All Comments

Popular Stories

maxresdefault

Apple to Launch New iPad Pro and iPad Air Models in May

Thursday March 28, 2024 11:07 am PDT by
Apple will introduce new iPad Pro and iPad Air models in early May, according to Bloomberg's Mark Gurman. Gurman previously suggested the new iPads would come out in March, and then April, but the timeline has been pushed back once again. Subscribe to the MacRumors YouTube channel for more videos. Apple is working on updates to both the iPad Pro and iPad Air models. The iPad Pro models will...
Read Full Article225 comments
General Apps Messages

Google Reveals When to Expect RCS Support on iPhone for Improved Texting With Android Users

Friday March 29, 2024 7:14 am PDT by
In November, Apple announced that the iPhone would support the cross-platform messaging standard RCS (Rich Communication Services) in the Messages app starting "later" in 2024, and Google has now revealed a more narrow timeframe. In a since-deleted section of the revamped Google Messages web page, spotted by 9to5Google, Google said that Apple would be adopting RCS on the iPhone in the "fall...
Read Full Article240 comments
airtag new orange

Criminals in Montreal Using AirTags to Steal Vehicles

Friday March 29, 2024 12:50 pm PDT by
Thieves in Montreal, Canada have been using Apple's AirTags to facilitate vehicle theft, according to a report from Vermont news sites WCAX and NBC5 (via 9to5Mac). Police officers in Burlington, Vermont have issued a warning about AirTags for drivers who recently visited Canada. Two Burlington residents found Apple AirTags in their vehicles after returning from trips to Montreal, and these...
Read Full Article135 comments
top stories 30mar2024

Top Stories: WWDC 2024 Announced, New iPads Delayed, and More

Saturday March 30, 2024 6:00 am PDT by
Apple's WWDC 2024 dates have been announced, giving us timing for the unveiling of the company's next round of major operating system updates and likely some other announcements. This week also saw some disappointing news on the iPad front, with update timing for the iPad Pro and iPad Air pushed back from previous rumors. We did hear some new tidbits about what might be coming in iOS 18 and...
Read Full Article14 comments
iphone 16 cases sonny dickson 1

First iPhone 16 Cases Outline New Rear Vertical Camera Bump

Friday March 29, 2024 4:09 am PDT by
Photos of the first iPhone 16 cases have been shared online, offering another preview of the rumored new vertical rear camera arrangement on the standard iPhone 16 and iPhone 16 Plus. Image credit: Accessory leaker Sonny Dickson Over the last few months, Apple has been experimenting with different camera bump designs for the standard iPhone 16 models, all of which have featured a vertical ...
Read Full Article34 comments
Apple iPhone 15 Pro spatial video capture lifestyle

$3 App Shoots Better Quality Spatial Video Than iPhone's Camera App

Friday March 29, 2024 4:48 am PDT by
A $3 third-party app can now record spatial video on iPhone 15 Pro models in a higher resolution than Apple's very own Camera app. Thanks to an update first spotted by UploadVR, Spatialify can now record spatial videos with HDR in 1080p at 60fps or in 4K at 30fps. In comparison, Apple's native Camera app is limited to recording spatial video in 1080p at 30fps. Shortly after Apple's Vision ...
Read Full Article80 comments