Apple has issued a public statement in response to the so-called Shellshock vulnerability, assuring OS X users that for the most part, they’re safe from any potential attacks. An Apple spokesperson provided the following to TechCrunch regarding the vulnerability, which affects bash, a Unix shell that’s part of Apple’s desktop OS:
The vast majority of OS X users are not at risk to recently reported bash vulnerabilities. Bash, a UNIX command shell and language included in OS X, has a weakness that could allow unauthorized users to remotely gain control of vulnerable systems. With OS X, systems are safe by default and not exposed to remote exploits of bash unless users configure advanced UNIX services. We are working to quickly provide a software update for our advanced UNIX users.
Earlier, we provided a guide regarding what you need to know about Shellshock to protect yourself, but as Apple notes here, in OS X you should be safe so long as you haven’t configured advanced access (which means probably most of our readers are okay). Apple will also issue an OS X update shortly to close the potential hole, so also just make sure you don’t go enabling any advanced UNIX options before that happens.