Check Point Protects Customers Against Shellshock
September 2014 by Emmanuelle Lamandé
Check Point® Software Technologies Ltd. announced that it has issued an IPS protection against the GNU Bourne Again Shell (Bash) ‘Shellshock’ Vulnerability, securing the integrity of its customers’ network data.
“Check Point issued an IPS protection this morning to detect and block attempts to exploit the vulnerability. We recommend that all of our customers make the update immediately in order to secure their networks,” said Dorit Dor, vice president of product at Check Point Software Technologies. “Shellshock leaves many systems vulnerable to attack, with a global impact that reaches far beyond any other network vulnerability.”
The United States Computer Emergency Readiness Team (US-CERT) writes: “A critical vulnerability has been reported in the GNU Bourne Again Shell (Bash), the common command-line shell used in most Linux/UNIX operating systems and Apple’s Mac OS X. The flaw could allow an attacker to remotely execute shell commands by attaching malicious code in environment variables used by the operating system.” (1)
“Check Point will continue to monitor and access the Shellshock vulnerability, and will issue additional protections for our worldwide partners and customers as needed,” concluded Dor.
(1) US-CERT Alert (TA14-268A), GNU Bourne Again Shell (Bash) ‘Shellshock’ Vulnerability (CVE-2014-6271/7169), https://www.us-cert.gov/ncas/alerts...