- Article ID: 121444
- Updated: 26 Sep 2014
In the light of the recent Bash vulnerability known as "Shellshock" (CVE-2014-6271 and CVE-2014-7169), we have reviewed its products to understand if any are at risk.
As far as we are aware, none of our products can be exploited by means of this bug.
As a matter of good security practice, we will be updating the various Sophos-supplied versions of Bash as soon as a stable and effective patch is available from the Bash maintainers.
For more information, see our Naked Security post: http://nakedsecurity.sophos.com/2014/09/25/bash-shellshock-vulnerability-what-you-need-to-know/
If you need more information or guidance, then please contact technical support.