Surfing the net nowadays can be a traumatizing experience. Not nearly as traumatizing as European soldiers felt in World War I trenches, which gave birth to the naming of the recently discovered bash security leak in Linux systems (ShellShock) but uncomfortable none the less. The leak in the Unix shell seems to exist for quite a long time now, but came to public knowledge just recently – and by now it is widely and actively used. Even by ‘free time hackers’, who are usually lacking enough know-how to break into secured websites. As the discoverers of the leak stated, it is relatively easy to exploit.
Shellshock updates available
The good news: All important Linux distributions already rolled out updates with which the leak can be secured. Also CyberGhost stated a first (but reserved) all-clear signal. As many online publications stated yesterday and the day before, distros like Fedora, Red Hat, Ubuntu, Debian and OpenSuse published two updates – as where the second became necessary, because the first one got compromised as well. Also CyanogenMod had been secured these days, while the usual Google Android doesn’t need any update and Apple users should be a little more patient and wait some more time. But then again: Desktop users shouldn’t be all too worried anyway, because the leak is used ‚just‘ to attack web servers.
CyberGhost is safe
Here at CyberGhost we know well about this threat and already took action right after the first notice of a potential security problem with the Unix bash. We performed a series of tests and patched (just in case) all infrastructure servers. According to the tests done we haven’t been affected even on unpatched servers, but we are nonetheless wide awake, because the amount of attacks hasn’t reached its peak and every day might bring new and different challenges. Of course, we will keep you updated, if this matter unveils new facts, but until then: Be assured, you’re safe with your favorite ghost!