Apple Bash patches released for OS X

Apple has released patches for the bash security exploit, fixing a security flaw in the UNIX shell, though the company maintained that the issue did not affect most of its users. The three patches, released today, follow similar security updates for some of the best-known Linux distributions, after a potentially significant problem was identified earlier this month.

Patches are available for OS X Mavericks, along with OS X Mountain Lion and OS X Lion. [Update: OS X Yosemite will be addressed in future builds, Apple tells us]

Although some exploits for the vulnerability had already begun surfacing after the flaw was identified, Apple insisted that only its advanced users had any reason to be concerned. In a statement from the company last week, it argued that most users would not be left in a position where such an exploit could be taken advantage of:

"The vast majority of OS X users are not at risk to recently reported bash vulnerabilities. Bash, a UNIX command shell and language included in OS X, has a weakness that could allow unauthorized users to remotely gain control of vulnerable systems. With OS X, systems are safe by default and not exposed to remote exploits of bash unless users configure advanced UNIX services"

At the same time, however, Apple also said that it was developing a patch "for our advanced UNIX users."

The flaw affects more than just OS X, of course, taking advantage of an issue in the bash (Bourne Again SHell) component which could potentially allow a remote hacker to gain direct control of targeted computer. Some of the more popular Linux distributions, like Red Hat, Debian, CentOS, and Ubuntu, have already released patches for their server builds.

SOURCE Apple