Shellshock / bash vulnerability
There's been a lot written about this already so not going to say too much more but posting so I can keep a collection of links together and point people to it. It does warrant you changing your schedule and go patch things quickly. The original vulnerability can be found at CVE-2014-6271 . Unfortunately the vulnerability and fix wasn't complete so if you patched you may need to go and patch again. Details of this updated vulnerability can be found at CVE-2014-7169 Here is Ubuntu Linux advisory . You need to be on bash 4.3-7ubuntu1.3 or higher Here is Amazon Linux advisory . You need to be on bash 4.1.2-15.21 or higher Here is Red Hat advisory . The version you need depends on your version of RHEL. See more details here . The link for AWS for what needs doing is here . Some good discussion on the issue is at lwn.net