The Shellshock vulnerability in Bash (a command line shell) hit the news last week and has the potential to be far more serious than the Heartbleed bug discovered earlier in the year. The Shellshock bug appears to mostly effect Macs, Linux, Unix, and websites based on Apache, although some network hardware may be effected.
There is a very good technical article that Troy Hunt has published which explains the vulnerability in some depth. You can view it here, as well as many other websites which are covering the story so I won’t go into detail, just type Shellshock into your favourite search engine.
Instead below is a list of the major vendors which we and customers use and links to any articles they have regarding Shellshock and their products.
Watchguard and Draytek have confirmed they have no effected products. Microsoft is also uneffected.
Keep checking back as I will update this as more detials from vendors become available.
If you know of any other Vendor statements regarding the ShellShock bug please add a comment below, and I will incorporate it into the post.
http://support.apple.com/kb/DL1769 (for Mavericks)
http://support.apple.com/kb/DL1768 (for Mountain Lion)
http://support.apple.com/kb/DL1767 (for Lion)