Apple has released updates to insulate Mac OS X systems from the dangerous “Shellshock” bug, a pervasive vulnerability that is already being exploited in active attacks.
Patches are available via Software Update, or from the following links for OS X Mavericks, Mountain Lion, and Lion.
After installing the updates, Mac users can check to see whether the flaw has been truly fixed by taking the following steps:
* Open Terminal, which you can find in the Applications folder (under the Utilities subfolder on Mavericks) or via Spotlight search.
* Execute this command:
bash –version [author’s note: my WordPress install is combining these two dashes; it should read the word “bash” followed by a space, then two dashes, and the word “version”].
* The version after applying this update will be:
OS X Mavericks: GNU bash, version 3.2.53(1)-release (x86_64-apple-darwin13)
OS X Mountain Lion: GNU bash, version 3.2.53(1)-release (x86_64-apple-darwin12)
OS X Lion: GNU bash, version 3.2.53(1)-release (x86_64-apple-darwin11)