By now you should have heard about Shellshock. It is a huge vulnerability in the Bash shell – which is used in many unix based systems.
Most of you are running all Windows systems, but I would like you to think for a moment about those black boxes that are running on your network. The firewalls, the printer servers, voip systems that might be quietly running some form of unix.
At the time of this writing there still is not a definitive fix. There was a fix pushed out, but almost immediately others discovered it was still vulnerable.
I have put together some links to help you get a handle on it:
Everything you need to know about Shellshock by Troy Hunt
Scan of the internet for Shellshock
DHCP Proof of concept Shellshock exploit
A Shellshock vulnerability tester
Now let me reiterate – Windows systems are not vulnerable, but Linux & Unix (This includes Apple desktop systems) are everywhere…so you could have something exploitable on your network even if you are a Windows only shop.
One more thing…Subscribe to my newsletter and get 11 free network administrator tools, plus a 30 page user guide so you can get the most out of them. Click Here to get your free tools