Apple has released a partial Shellshock fix, but your Mac was probably never in much danger


On Monday, Apple started releasing an update to OS X to patch potential vulnerabilities related to the Shellshock Bash flaw in Linux and Unix-based operation systems. Tech site ZDNet said that the update fixes two of the three known issues but leaves your Mac vulnerable to a third weakness that hackers might be able to exploit to get free rein of your computer. The truth is, though, your Mac was probably never in much danger.
"The vast majority of OS X users are not at risk to recently reported 'Bash' vulnerabilities," an Apple spokesman said last week. "With OS X, systems are safe by default and not exposed to remote exploits of Bash, unless users configure advanced Unix services." That's Apple, of course, but the Mac security software experts at Intego largely agree.
Intego's Derek Erwin found two ways a malicious hacker might be able to take control of your Mac — read them here — but both are "edge cases," he says, requiring "a level of technical expertise that the person configuring their account as such can patch the exploit fairly simply." If you haven't received the OS X security update yet, MacWorld has some tips on keeping your Mac safe from Shellshock. Their bottom line: "Don’t panic! Shellshock isn’t the end of the world."
Subscribe to The Week
Escape your echo chamber. Get the facts behind the news, plus analysis from multiple perspectives.

Sign up for The Week's Free Newsletters
From our morning news briefing to a weekly Good News Newsletter, get the best of The Week delivered directly to your inbox.
From our morning news briefing to a weekly Good News Newsletter, get the best of The Week delivered directly to your inbox.

Continue reading for free
We hope you're enjoying The Week's refreshingly open-minded journalism.
Subscribed to The Week? Register your account with the same email as your subscription.