Bash or Shellshock bug

Klaus1 wrote:

Unless you are running OS 10.9.5 you are not affected.

Sorry, but that's simply not true. The vulnerability has existed in bash for years, but just discovered recently. I just tested a system running 10.6.8 and it is vulnerable. There's an easy test outlined in the article you mentioned to see whether your system is vulnerable or not.

Hopefully Apple releases an update soon. For any system administrators with web servers running some variation of Unix/Linux, I would suggest patching as soon as possible. The following article has some information on patching Linux near the bottom of the page:

http://www.symantec.com/connect/blogs/shellshock-all-you-need-know-about-bash-bu g-vulnerability

... internet-facing OS X servers, can mitigate the issue ...

...but for those running an Airport as our router, we have a device interacting with the internet, that has this vulnerability exposed to the internet. Fingers crossed that the update is less than 12 days away (which was the timeline for heartbleed, which was less concerning from a router standpoint).

Here you go: http://support.apple.com/kb/DL1769

K

I downloaded the Bash Update Mavericks 1.0 to my macbook pro which is in my finder downloads but not sure if I should actually upload it to my macbook now or wait until they notify me that there is a software update. There was a Bash Update Mavericks - 2.dmg and a Bash Update Mavericks.dmg downloaded. Do I just click on each to upload it if I do it now? I am not very knowledgeable on all this so would really appreciate any help.

I'm wondering if there is delay in migrating all the links for the patch(s) to the Apple website. True if you click on that link you provided you find the update. But if you search through support you cannot. If you search via 'OS X Bash Update" .

I was searching for updates for Lion and MLion. Found them. To resolve it I just dropped back on on the DL number. DL1769 is Mavericks, DL1768 is ML and DL1767 is Lion.