(LOS ANGELES, CA – October 1, 2014) Lieberman Software Corporation announced today that all of its products are secure from the recent Shellshock bug.
Shellshock is a critical security vulnerability that affects the Bash open source project – a shell program distributed on Linux, Unix and OS X systems. However, since Lieberman Software products are built on Microsoft technology, its products are not vulnerable to Shellshock.
“It’s the same basic situation as the Heartbleed bug earlier this year,” said Chris Stoneff, Director of Professional Services at Lieberman Software. “Our software runs exclusively on Microsoft technology. Thais means that when our customers deploy Lieberman Software products, they benefit from the documented and vetted security standards of the Windows platform – as well as Windows’ regular security and patching cycles.”
Shellshock affects many web servers, mobile devices, routers and other Internet-connected devices running Unix, Linux or OS X. It allows malicious code to execute from within the bash shell, gain control over an operating system, and then access and extract confidential data.
Some security researchers are already estimating that Shellshock is a more serious security vulnerability than Heartbleed, and may affect up to 50 percent of web servers worldwide. According to the National Institute of Standards (NIST), Shellshock rates 10 out of 10 on its scale of security risk.
“Cable boxes, routers, NAS devices, and of course, enterprise and Internet-connected devices and services, all make use of Linux/UNIX running a bash shell,” Stoneff said. “All of these systems are targets for Shellshock. It’s a significant security vulnerability.”
Since Lieberman Software does not use open source code, its customers can be assured that the company’s privileged access management solution and Windows security management tools are secure against Shellshock, Heartbleed and other open source vulnerabilities.
Defend Against the Shellshock Vulnerability
Lieberman Software does recommend, however, that anyone who has accessed other services that are susceptible to Shellshock, update all passwords immediately on affected systems. IT groups should also change all privileged account passwords and service account passwords on any system – whether Linux, UNIX, OS X or Windows – running a third-party open source-based application. Regular privileged account password changes are particularly important because it’s likely that many systems affected by Shellshock may never get patched.
Lieberman Software also advises taking part in its Privileged Account Risk Assessment to help find and defend against privileged account security holes in the enterprise. For more information see www.liebsoft.com/risk.
About Lieberman Software Corporation
Lieberman Software provides award-winning privilege management products to more than 1200 enterprise customers worldwide, including nearly half of the Fortune 50. By automatically locating, securing and continuously auditing privileged identities, both on-premises and in the cloud, Lieberman Software helps protect access to systems with sensitive data, thereby reducing internal and external security vulnerabilities, improving IT productivity and helping ensure regulatory compliance. The company developed the first solution for the privilege management space, and its products continue to lead the market. Lieberman Software also provides a mature line of Windows security management tools. The company is headquartered in Los Angeles, CA, with offices and channel partners located around the world.
For more information, visit www.liebsoft.com.
Product and company names herein may be trademarks of their registered owners.
For more information, please contact:
Marketing Communications Manager
Lieberman Software Corporation