lamiaceae Loc: San Luis Obispo County, CA

Wow, this is something different – A Apple® Mac virus!

Shellshock

Everything you need to know about the latest bomb dropped on the web
What is Shellshock?

Shellshock is the latest online threat sent to disrupt us. It's a loophole that affects a piece of software called Bash found mainly in Linux® or Unix® operating systems as well as the Apple® MacOS® X. And while the Shellshock bug is more about web servers and other Internet devices, those can now be turned against your own, more personal devices.

The bug can affect you through malicious requests sent to web servers you interact with, or it can affect your devices directly over insecure Wi-Fi® networks. Attackers can use this exploit to spread malware, steal data, turn your computer into a bot, send spam, or gain complete control over your computer.

...if you also have a Mac®:

Apple has already released patch updates users should install – so look out for these official updates. They have also made it clear that the bug only affects power users that take advantage of the advanced UNIX services within OS X. If the previous sentence has baffled you, then you are in the group that Apple says are not at risk.

...as a PC user:

If you’re running Microsoft Windows®, it is safe to say that you're less at risk, since Windows® doesn't run Bash, the software that has the bug.

However while you're not affected directly, you could still be at risk if the web servers of the sites you visit are compromised.

I have a PC, but I figured I would let everyone know what AVG sent me.

Bozsik Loc: Orangevale, California

:thumbup: Thank you.

ecobin Loc: Paoli, PA

Yesterday, I received a similar notice from my virus protection provider Sophos. They claim to be on top of this. Sophos is freeware and many of our MAC users group members use it. Hopefully, our machines are protected. Thanks for posting.

Jim216 Loc: South Carolina

According to Applecare, this is real. bash is a Unix shell and can be exploited under certain conditions via this "virus." To find out more about this, go to:

http://support.apple.com/kb/DL1769?viewlocale=en_US&locale=en_US

It only took a few minutes to install with no reboot required.

Jim

doduce Loc: Holly Springs NC

Oh, drat. All the Apple apologists will be in cardiac arrest. :-)

lamiaceae Loc: San Luis Obispo County, CA

I know, a virus affecting Apples is so rare and they basically passed on Windows this time, Bashing Macs & Unix instead.

This situation reminds me of a person computer incident that happened to me many years ago. I got an odd email from a friend with an attachment (don't remember now if it was a doc, image, or link). It seemed legit and I was much less experienced or cynical then. So I clicked on it, nothing happened. It seemed for some reason to me then like there was something attached and not just a dead link. Our PC at the time was getting a bit feeble as one might say so I figured someone else might be able to open it and let me know what my pal had sent. Obviously a stupid thing to do -- these days I'll just delete and possibly ask who ever if they actually sent the email and attachment -- a bit of a novice still. So I forwarded it to my wife at work. Luckily it was late in the work day and she had already logged off for the day. That night I just happened to be listening to a talk radio show (Art Bell I believe) and a guy was describing a rather nasty computer virus that was being spread by emails with the exact header I had receive and hot-link name. So I am thinking oh, no. So in the morning I told her about the situation. Then told her when you get to work don't turn your PC on, just tell the IT guys what happened and that they may have or get a virus on their servers. The first smart thing I had done with this so far. It seems we were not affected because we were still using Windows 3.1 (16-bit) w/DOS 6.21 (8-bit), and this virus as noted in the radio segment had noted it is written to only affect a 32-bit Windows OS. Where my wife worked, a school district accounting department, their servers where running a 32-bit OS like Windows NT Server or Windows 98SE Server. Anyway, the IT department was ready for it so they "swept" their system before firing up any terminals not yet running. I don't know if there was any virus on the system from my blunder or anyone else working their that had gotten the same attachment from someone else, or it was just as simple as deleting my email after starting the PC my wife used. But they had no "infection". It must have been a rather nasty virus to have gotten described on a nationally syndicated radio show back then during the late Nineteen Nineties.

Afterwards I contacted my friend and he said, yes, he had been hacked and was apologetic about me even getting the bogus infected email.