How to Fix “Shellshock” Vulnerability on Mac OS X

Yesterday, I happened upon news that Macs and Linux boxes expose a vulnerability dubbed “Shellshock” that is said to be potentially worse than “Heartbleed” earlier this year. This sounded serious enough to alert me and take action.

Luckily, real savvy geeks have already identified the main source of this leak, which is found in older versions of bash.

I ran proposed sequence of steps according to the following source and actions proposed on Mac OS 10.9.5. (but the version of the operating system isn’t really the main aspect as it’s about the included version of bash):

security – How do I recompile Bash to avoid Shellshock (the remote exploit CVE-2014-6271 and CVE-2014-7169)? – Ask Different.

It’s paramount to have Xcode installed in order for the above sequence to work. I’m assuming that there will be alternative ways of compiling the provided source code of a more up-to-date version of bash. However, I didn’t feel like tinkering with that and ran an Xcode install in order to keep things as easy as possible. Fortunately, after installing Xcode I was able to complete the sequence of measures, thus resulting in closing the vulnerability. It’s going to be interesting to see, if or when Apple will respond to this.

Leave a Reply

Your email address will not be published. Required fields are marked *