By Jared Ruckle, Senior Product Manager. Find Jared on Twitter
A new vulnerability was recently identified in the “bash” shell that a default component of most Linux operating systems deployed globally today. This vulnerability – dubbed “Shellshock” - is being compared to what was experienced earlier this year with the Heartbleed bug because of the widespread use of the impacted Linux operating systems.
Shellshock has been assigned the highest risk rating of “10” according to the Common Vulnerability Scoring System (CVSS). Why? The vulnerability can be exploited across the network, it does not require any authentication to exploit, and exploiting this vulnerability is simple.
Unmanaged Customers - Patch Your Systems in the CenturyLink Cloud Immediately
If you have instances running a Linux operating system in CenturyLink Cloud data centers, you are likely affected. Our unmanaged customers are responsible for day-to-day configuration and deployment of these systems, so it is the customer’s responsibility to remediate any affected systems.
We recommend you apply the updates for this vulnerability as quickly as possible. This is especially important for those servers running Apache web servers as there are published exploits already circulating for Apache websites.
Managed Customers – Request Patching via Ticket with Managed Services Help Desk
Customers running managed environments (including Apache) on CenturyLink Cloud will have their systems...