You can test if your version of bash is affected by running the command
env x='() { :;}; echo vulnerable' bash -c "echo this is a test"
If you get the output
vulnerable this is a test
Then you need to update. (If you don't have a vulnerable version then you'll get some error about x not being iniatialised.) Ubuntu LTS, Fedora and Debian (along with RHEL/CentOS) have already prepared fixes. Failing that, you can grab the source online and manually replace bash.
There may be other distros that have fixes but those are the ones I know of. Also, as the BBC article says, hackers are lazy. They have a known exploit that they'll try against big targets (servers, mostly) so if you're just running a computer at home, I'd reckon you're fairly low on the list of targets :-)
Cheers
On 25 September 2014 18:11:48 GMT+01:00, Chris Walker alug_cdw@the-walker-household.co.uk wrote:
On Thu, 25 Sep 2014 17:42:52 +0100 Bev Nicolson lumos@gmx.co.uk wrote:
What should we do? Here it's just me and my computer to worry about for example and I have a firewall and a virus checker installed. Is that enough?
My machine had an update this morning to bash and a couple of other things.