Notification of Bash Bug advisory
A newly discovered vulnerability (CVE-2014-6271) in the Bash command-line interpreter poses a critical security risk to Unix and Linux systems including Apple OSX.
The NZITF have produced a good write-up which is available at http://www.nzitf.org.nz/
Mitigation: There are patches coming out for a number of Linux/BSD operating systems. Check with your vendor regularly to see if there is one for your system(s).
The full NCSC advisory is available here [PDF, 410 KB]