September 26th 2014 – Following the public disclosure of the existence of the Shellshock Bash bug yesterday, Icomera wishes to reassure our customers that actions are being taken to investigate and eliminate any vulnerabilities in our systems that third parties may look to exploit.
Shellshock affects a piece of software called Bash, a command line interface that allows a user to talk to Unix or Unix-like operating systems such as OS X and Linux. The Shellshock bug allows attackers to inject their own code into Bash using specially crafted “environment variables” that have Bash functions in them.
The existence of the bug was publicly disclosed on September 25th 2014, at which point all vendors started to prepare and distribute patches for it. Approved security patches are now being applied to all of Icomera’s affected systems as they become available. The first of these were released and applied within 24 hours. Icomera’s customers are not required to take any additional action themselves at this stage.
Icomera remains committed to protecting our customers’ data and in the rare cases where major online security issues do arise, please be assured that our ever-vigilant team will be on hand to combat these swiftly and decisively.
Customers with any outstanding questions or concerns should contact their Icomera account manager.
