What We’re Doing about Shellshock

Update: A fix for CVE-2014-7169 was released on 09/25/2014 at 8PM CDT and we proactively pushed this update to our servers to address the outstanding Bash vulnerabilities.

Yesterday, a critical security vulnerability was discovered in Bash on CentOS 5 and 6. Because of “a flaw in the way Bash evaluates certain specially-crafted environment variables”, a hacker could inject malicious commands into a server, bypassing security restrictions. The bug was nicknamed “Shellshocked” and RedHat and CentOS immediately started working on a fix.

A Bash package for CVE-2014-6271 was released to address the vulnerability, and we patched our servers immediately to protect our customers from any malicious activity. Unfortunately, the patch does not provide a complete fix – it only lessens the hackers’ power to do as much damage. RedHat continues to work as quickly as possible on a complete solution for CVE-2014-7169, which address these other vulnerabilities.

We’re keeping an eye out for you so you won’t need to worry. Security is very important to JT Web, and we will apply the updated bash package immediately upon release. If you have any concerns about this vulnerability, or if you would like us to double-check the security of your account, please feel free to contact us.

• Author
• Recent Posts

JT Website Design Inc.

JT Website Design Inc. is a prominent website service company that pays special attention to detail and values every customer. We have the ability to implement any web technology, from the simplest website to the most complex web applications.

Latest posts by JT Website Design Inc. (see all)

• If You Are Making Mistakes… - March 4, 2020
• What’s it gonna cost? - February 23, 2020
• Tis the Season for 1099’s. Should you file a 1099 for your vendors? - January 25, 2020