There was discovery of a bash vulnerability exploit nicknamed "Shellshock" that's circulating the web with a lot of buzz and critical awareness. x360Sync deployments are protected, however your awareness and understanding of the issue is valuable. This is simply an educational notice, and no action items are required.
"Shellshock (CVE-2014-6271, CVE-2014-7169, CVE-2014-7186, CVE-2014-7187, CVE-2014-6277) is a vulnerability in GNU's bash shell that gives attackers access to run remote commands on a vulnerable system. If your system has not updated bash in since Sun Sep 28 2014: 1:11AM EST (See patch history), you're most definitely vulnerable and have been since first boot. This security vulnerability affects versions 1.14 (released in 1994) to the most recent version 4.3 according to NVD."
- The above description and links are pulled directly from https://shellshocker.net/
For SyncedTool.com Customers: All of the machines hosting the x360Sync applications received the patches automatically before most people even knew it was an issue.
For Private Cloud Customers: Your deployments will be within a Windows environment, so by default this exploit does not apply to you.
Comments
0 comments
Article is closed for comments.