Notification of Bash Bug advisory

A newly discovered vulnerability (CVE-2014-6271) in the Bash command-line interpreter poses a critical security risk to Unix and Linux systems including Apple OSX.

The NZITF have produced a good write-up which is available at http://www.nzitf.org.nz/

Mitigation:  There are patches coming out for a number of Linux/BSD operating systems.  Check with your vendor regularly to see if there is one for your system(s).

The full NCSC advisory is available here [PDF, 410 KB]