Yesterday, a security researcher released the details of a major security vulnerability in Bash, a.k.a. Bourne-Again Shell, a popular software utility.

The vulnerability, known as Shellshock, will be a serious problem for many Linux, Unix, and Mac OS X users.

In order to protect our Credit Union customers from being affected by Shellshock, CUdefender has proactively updated its Web Application Firewall (WAF) rules to block the vulnerability.

Our implemented security rules work in multiple stages to ensure that Shellshock cannot be exploited on systems protected by CUdefenders’s WAF.

As a best practice, administrators of any systems running Bash should patch their systems as soon as patches for their distributions are available, even if those systems are already protected by CUdefender. Mjor Linux distributions such as Redhat, have already released patches.

Some vendors and third parties have already gone as far as creating simple diagnostic tools which can be run after patching to make sure that the vulnerability is closed and unexploitable on your system.

Technical details for Shellshock and affected versions for this vulnerability can be found in the National Vulnerability Database using the ID #’s CVE-2014-6271 and CVE-2014-7169.