Apple Releases Patches for Shellshock Vulnerability

Bash bug aka shellshcok bug has shocked the IT community and it has also created an alarming situation for the organizations running Unix and Apple MAC OS. Nessus and other renowned vulnerability assessment service providers have created solution or at least float their services in the market, and here comes the Apple.


Apple on Monday said it has now patched the Bash vulnerability for its OS X Lion, Mountain Lion and Mavericks software. The company also created a site for users to download the Bash update.


Apple stated that most Mac users were safe from Shellshock as remote services like web sharing are disabled by default. OS X Server users were not mentioned but I consider them to be at far more risk as it is much easier to set up and enable a web server or other remote services. However this bug was serious enough to get Apple’s immediate attention and today they released a software patch “OS X bash Update 1.0″. Strangely this update can not be found through the normal software update process but has to be downloaded from Apple’s website.

The patch was released for the last three operating systems and can be found here:

OS X 10.7 Lion
OS X 10.8 Mountain Lion
OS X 10.9 Mavericks

No restart is required to install this security patch.