Bigger than Heartbleed: Bash bug Threatens Internet Security


BANGALORE: A security error known as the Bash or Shellshock bug affected major digital companies, small-scale Web hosts and even Internet-connected devices, reported Cnet.com

A report from open-source software company Red Hat said that "it is common for a lot of programs to run Bash shell in the background," and the bug is "triggered" when extra code is added within the lines of Bash code.

Security expert Robert Graham said that the Bash bug is bigger than Heartbleed because "the bug interacts with other software in unexpected ways" and because an "enormous percentage" of software interacts with the shell.

"We'll never be able to catalogue all the software out there that is vulnerable to the Bash bug," Graham said. "While the known systems (like your Web server) are patched, unknown systems remain unpatched. We see that with the Heartbleed bug: six months later, hundreds of thousands of systems remain vulnerable."

Read More: 10 Surprising Facts No One Knows About Social Media