Two online giants, Google Inc (NASDAQ:GOOGL) and Amazon.com, Inc. (NASDAQ:AMZN), have raced fast to seal holes through which “Bash bug” or “Shellshock” can penetrate systems. Shellshock is a defect that can enable unauthorized persons to seize the control of website servers and computer systems.
The bug makes millions of computers and servers susceptible as it was discovered in a software program that runs in 50% of servers, including Apple Inc. gadgets and smartphones that use Google Inc (NASDAQ:GOOGL) Android operating system.
“This bug is horrible,” Darien Kindlund, director of threat research at FireEye, a cyber-security firm, wrote in a company blog post. “Conservatively, the impact is anywhere from 20% to 50% of global servers supporting web pages.”
The bug has been compared to Heartbleed bug which was discovered back in April, but experts have said that Shellshock presents even a bigger threat as many more devices are vulnerable to its threat. Heartbleed was said to make it possible for hackers to be able to access passwords from a server, making it less dangerous compared to Shellshock which can be used to take complete control of a server or a machine.
Such revelations prompted Google Inc (NASDAQ:GOOGL) and Amazon.com, Inc. (NASDAQ:AMZN) to swing into action in order to help protect their servers and users. Google Inc (NASDAQ:GOOGL) has taken measures to protect both its commercial cloud services and internal servers to ensure that they become foolproof against possible Shellshock exploits. On the other hand, Amazon.com, Inc. (NASDAQ:AMZN) has also dispatched information to customers on how to deal with the security threat.
No attacks have been directly linked to Shellshock just yet, although the U.S. Department of Homeland Security has said that Shellshock provides a loophole that can be explored by malicious individuals to attack systems.
This article has been written by Victor Ochieng.