Given that Apple can send out updates, and the Shellshock vulnerability is comparatively simple to fix, one would expect Jobs’ Mob to send out an update smartly.
Apple has made a statement that it was “working to quickly provide a fix” to the vulnerability. However, a company spokesperson said that most Mac OS X users have nothing to fear as Apple gear was invulnerable to any attack.
“OS X, systems are safe by default and not exposed to remote exploits of bash unless users configure advanced UNIX services. We are working to quickly provide a software update for our advanced UNIX users.”
Chet Ramey, the maintainer of bash, said in a post to Twitter that he had notified Apple of the vulnerability several times before it was made public, “and sent a patch they can apply” and “several messages”,
However Jobs’ Mob has not already packaged that fix for release and has largely ignored the problem. The problem is that Apple refuses to trust anyone and is insisting that its own developers make modifications to the bash code.