Check Point® Software Technologies Ltd. (Nasdaq: CHKP), the worldwide leader in securing the internet, today announced that it has issued an IPS protection against the GNU Bourne Again Shell (Bash) ‘Shellshock’ Vulnerability, securing the integrity of its customers’ network data.
Check Point released an IPS update to block exploits from Shellshock this morning. For more information, see: sk102673 – Check Point Response to CVE-2014-6271 Bash Code Injection and CVE-2014-7169.
“Check Point issued an IPS protection this morning to detect and block attempts to exploit the vulnerability. We recommend that all of our customers make the update immediately in order to secure their networks,” said Dorit Dor, vice president of product at Check Point Software Technologies. “Shellshock leaves many systems vulnerable to attack, with a global impact that reaches far beyond any other network vulnerability.”
The United States Computer Emergency Readiness Team (US-CERT) writes: “A critical vulnerability has been reported in the GNU Bourne Again Shell (Bash), the common command-line shell used in most Linux/UNIX operating systems and Apple’s Mac OS X. The flaw could allow an attacker to remotely execute shell commands by attaching malicious code in environment variables used by the operating system.” (1)
“Check Point will continue to monitor and access the Shellshock vulnerability, and will issue additional protections for our worldwide partners and customers as needed,” concluded Dor.
(1) US-CERT Alert (TA14-268A), GNU Bourne Again Shell (Bash) ‘Shellshock’ Vulnerability (CVE-2014-6271/7169), https://www.us-cert.gov/ncas/alerts/TA14-268A
Follow Check Point via