One of the most recent internet vulnerabilities is expected to be the largest ever to hit. The bug, known as “Shell Shock”, enables hackers to exploit the Unix shell used by millions of web servers, ultimately allowing the hacker to take control of the device and steal information from it. Potentially vulnerable devices range from iPhones to internet-connected thermostats. The Marcum Financial Institutions Services Group is hoping that all of you have already heard about this, but if not please see the links below.
We urge you to ensure that you are patching as soon as possible and as patches become available CVE-2014-7169. Even though CVE-2014-6271 is not a complete fix, it provides an additional level of protection.
Please take this seriously and reach out to your vendors to ensure they are patching as well. For questions, assistance or additional information, please contact Heather Bearfield, Partner and member of the Marcum Financial Institutions Services Group.