IMPORTANT: Shellshock / BASH Vulnerability

IMPORTANT: Shellshock / BASH Vulnerability

Information regarding Shellshock vulnerability

What is happening?

A vulnerability known as Shellshock affecting Linux, Unix and Apple Mac computers has been widely publicised in recent days.  The shellshock vulnerability, exploited using a Unix program called BASH, potentially allows hackers to inject code into systems that are open to the attack.

IT Services are compiling a list of central University systems which may be affected, and will update them when patches are made available by the relevant manufacturers. The patching of central systems are likely to cause short periods of downtime, but we will ensure that communications are issued in advance of any work commencing.

What should you do?

The BASH compromise affects Unix-based systems which includes Apple Mac desktops and laptops, Ubuntu desktops, and many more.  IT Services strongly recommends that you keep your devices up to date by applying any critical software patches that are made available by the manufacturer of the operating system installed on your devices.

Windows computers are not affected by this vulnerability, and the vast majority of desktop PCs at the University of Aberdeen run Microsoft Windows 7.

If we become aware of a critical software patch being released for this vulnerability - for example by Apple - then we will issue another IT Service News to advise you of the availability of the patch.