ITS is currently researching and addressing a new security issue known as the "Shellshock Bug." Shellshock is a flaw
in a piece of software that is built into a majority of machines that connect to the Internet, including servers,
computers, and mobile phones. This vulnerability can allow hackers to take control of an entire device. Similar to
Heartbleed, Shellshock is a widespread issue affecting users and companies worldwide.
How will this affect you?
Our Security Team has already begun applying the necessary
security patches to systems and devices that may be affected by Shellshock. There is no evidence that any WCMC
systems have been compromised.
What do you need to do?
As always, please monitor your accounts for any sign of malicious
activity, including fraudulent emails attempting to extract more personal data from you. You can reference our 5 Tips to Avoid
Internet Fraud at WCMC article for assistance.
If you are running your own server, we highly
recommend reviewing this notice from Cornell
University that includes information about testing and taking appropriate action.
If you believe
any of your devices have been compromised, please call the Service Desk immediately.
More information about
the Shellshock Bug can be found at various news outlets:
- The New York Times: http://www.nytimes.com/2014/09/26/technology/security-experts-expect-shellshock-software-bug-to-be-significant.html
- Daily News: http://www.nydailynews.com/news/national/shellshock-bug-threatens-mac-linux-computers-article-1.1952516