On September 24, the Shellshock bug, also known as CVE-2014-6271 and CVE-2014-7169 first emerged, and has since targeted Linux and Unix operating systems around the globe.
According to an eWeek article, “Why Shellshock Bug is Way Nastier than Heartbleed,” a veteran security expert has said that the Shellshock bug is capable of causing “widespread havoc because it delves deeper into the operating systems kernel than any previous worm.” Furthermore, the eWeek article stated, “because Shellshock uses as entrance the common command execution shell known as bash [for Bourne-Again SHell], it can allow hackers to potentially take control of hundreds of millions of machines around the world, unless stakeholders get the operating systems for their machines patched as soon as possible.”
The Shellshock bug follows closely on the heels of “Heartbleed,” which came on the scene last Spring as one of the most damaging, and widespread bugs to affect cyberspace in recent years. The emergence of these two high profile bugs illustrates why it is so important for businesses of all sizes to be proactive in monitoring and fixing security holes in their infrastructure. And, NetEnrich is here to help.
When Shellshock was first revealed, NetEnrich reacted immediately, patching all affected servers in order to mitigate any potential damage to our customers. We were able to do this through our real-time, automated IT operations monitoring services that provide first-level support for incidents that occur within our customers’ IT infrastructure, putting fixes in place before major outages or other damage occurs.
NetEnrich security experts are continuing to closely monitor developments and new information around CVE-2014-6271 and CVE-2014-7169. Our automated checks are helping us to identify if, and when customer or partner systems become vulnerable to these bugs. We have also created a patch for business critical systems, as well as patching systems based on customer approvals. Patches are currently, and will continue to be rolled out, whether publicly exposed vulnerabilities exist, now or in the future. Furthermore, NetEnrich is analyzing our customer’s web services that have potential risks and vulnerabilities.
When IT organizations count on NetEnrich for automated IT operations management, they can rest-assured than will have their back when it comes to vulnerabilities such as the Shellshock bug.
So, don’t wait for the next bug to strike! Drop me a line today at firstname.lastname@example.org or visit www.netenrich.com, to learn more about how we can help your IT organization become more proactive in preventing bugs from affecting your critical infrastructure.
- Chris Joseph