The problem with the first patch, as Red Hat explained in its Shellshock FAQ, is that it only addressed the original bash flaw, CVE-2014-6271. That is the true Shellshock bug and the most serious of the bash holes, but it was not the only one.
Red Hat said: "Shortly after that issue went public a researcher found a similar flaw that wasn’t blocked by the first fix and this was assigned CVE-2014-7169." This bug is also a security problem, but it is less severe than the original flaw.
Later, Red Hat Product Security researcher Florian Weimer found two further problems, designated CVE-2014-7186 and CVE-2014-7187. Fortunately, these bugs are less serious, and the latest patch takes care of them as well. As Red Hat's Huzaifa Sidhpurwala told me: "The latest version of bash fixes all the CVE issues."
So, what you want to do now, if you haven't already, is check whether you're running a vulnerable version of bash.
Run Red Hat's CVE-2014-7169 test command from your bash shell. If the output looks like this:

    bash: x: line 1: syntax error near unexpected token `='
    bash: x: line 1: `'
    bash: error importing function definition for `x'
    Fri Sep 26 11:49:58 GMT 2014

...with the last line being the current date and time, then your bash is still vulnerable to CVE-2014-7169: the crafted function definition in the environment was imported, and it mangled the command that followed into a redirection that ran `date`.
The result you want to see is:

    date
    cat: /tmp/echo: No such file or directory

If you see the above, bash printed the word "date" instead of running it and no /tmp/echo file was created, so the 7169 fix is in place. But if you see the error messages followed by the date and time, immediately check whether a newer bash package is available for your system. Note that this one-liner only tests CVE-2014-7169; it says nothing about the two later bugs, so make sure the package you install is the one that closes all four CVEs.
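The following script is an added example, not part of the original article or of Red Hat's FAQ as printed here. It wraps the Red Hat one-liner the article refers to (the outputs shown above are exactly what that command produces) together with the companion checks for CVE-2014-6271, CVE-2014-7186 and CVE-2014-7187, so you can test all four issues at once rather than just the "7169" case. It assumes a `bash` binary on PATH and a working mktemp(1); the function names and the "patched"/"vulnerable" result strings are my own.

```shell
#!/usr/bin/env bash
# shellshock-check.sh: regression tests for the four bash CVEs discussed
# above. Every check_* function prints "patched" or "vulnerable" and returns
# 0 or 1 accordingly. Assumes a `bash` binary on PATH and mktemp(1).

# CVE-2014-6271 (the original Shellshock): bash imports any environment
# variable whose value starts with "() {" as a function and, unpatched,
# also executes whatever follows the closing brace.
check_6271() {
    local out
    out=$(env x='() { :;}; echo vulnerable' bash -c 'echo this is a test' 2>/dev/null)
    case "$out" in
        *vulnerable*) echo vulnerable; return 1 ;;
        *)            echo patched;    return 0 ;;
    esac
}

# CVE-2014-7169 (the "7169" test from the Red Hat FAQ): the first patch left
# the parser in a bad state, so the crafted definition turns "echo date" into
# a redirection. Unpatched bash writes the output of `date` to a file named
# "echo" in the working directory; patched bash just prints the word "date".
# A private temp directory is used instead of /tmp so the check is self-cleaning.
check_7169() {
    local dir
    dir=$(mktemp -d) || return 1
    ( cd "$dir" && env 'x=() { (a)=>\' bash -c 'echo date' >/dev/null 2>&1 ) || :
    if [ -e "$dir/echo" ]; then
        rm -rf "$dir"; echo vulnerable; return 1
    fi
    rm -rf "$dir"; echo patched; return 0
}

# CVE-2014-7186: out-of-bounds access in the here-document redirection stack.
# Unpatched bash crashes on a long run of <<EOF redirections on one command;
# patched bash warns about the missing terminators and exits 0.
check_7186() {
    if bash -c 'true <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF' \
        >/dev/null 2>&1; then
        echo patched; return 0
    fi
    echo vulnerable; return 1
}

# CVE-2014-7187: off-by-one in the line-number bookkeeping for nested loops.
# Feed bash 200 nested `for` loops with empty lists; unpatched bash crashes,
# patched bash parses them and exits 0 without running any body.
check_7187() {
    local i
    if {
        i=1; while [ "$i" -le 200 ]; do echo "for x$i in ; do :"; i=$((i+1)); done
        i=1; while [ "$i" -le 200 ]; do echo "done"; i=$((i+1)); done
    } | bash >/dev/null 2>&1; then
        echo patched; return 0
    fi
    echo vulnerable; return 1
}

# Run all four and fail if any is still open, which is the check implied by
# "the latest version of bash fixes all the CVE issues".
shellshock_report() {
    local cve status rc=0
    for cve in 6271 7169 7186 7187; do
        status=$("check_$cve") || rc=1
        printf 'CVE-2014-%s: %s\n' "$cve" "$status"
    done
    return "$rc"
}

# Exit non-zero when anything is vulnerable so the script can gate a fleet check.
shellshock_report
```

Run it on each host (or push it out through your configuration management) and treat a non-zero exit as "still needs the bash update". Because the script only reads the result of each probe and never depends on the exact wording of bash's error messages, it behaves the same across distributions and bash builds.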
That shouldn't be a headache for most system administrators, since patches are now available for all the major Linux distributions and for Solaris. Bash is neither the default shell nor automatically installed on IBM AIX, FreeBSD, OpenBSD, or NetBSD, although any system where it has been added from ports or packages still needs the update.
For Mac server administrators, it's a different story.
Apple claims that most Mac users are safe from bash attacks. In a statement to sister-site CNET, Apple said OS X systems are safe by default because users "are not exposed to remote exploits of bash unless users configure advanced UNIX services."
The technology giant added: "We are working to quickly provide a software update for our advanced UNIX users."
If you're just running a Mac laptop or desktop, you shouldn't have much to worry about. What Apple doesn't say, but is nonetheless true, is that if you're running a Mac as a server, any network-facing service that passes attacker-supplied strings to bash through the environment exposes you. A web server running CGI scripts is the classic case, because request headers such as User-Agent are handed to the script as environment variables; Dynamic Host Configuration Protocol (DHCP) client hook scripts that run under bash, fed option strings from a hostile DHCP server, are another.
Worse still, Rapid7's Metasploit penetration-testing framework, which attackers use as readily as defenders do, now has a Shellshock module. With this and similar point-and-click tools available, expect the number of attacks to rise sharply, because almost no technical skill is needed to launch one.