You can quickly test your operating system to see if your bash version is vulnerable by following instructions on the Shellshocker website. TLDR, here is the command you need to run to test bash on your machine:
Note that the version of bash in my path (the newer one from MacPorts) is not affected by the vuln. Now I will test the version of bash installed as /bin/bash:
Notice that I piped the script directly to /bin/bash instead of relying upon the version of bash in my PATH. Because I have already installed Apple's update (noted below), /bin/bash is not affected either.
Apple UpdateApple has already released an update containing a patched bash version, so it's very easy to update the standard bash version located in /bin/bash. But, if you are like me and you are using MacPorts to manage many binaries within Mac OS X, you may not be using the version of bash installed by Apple.
Use of MacPorts to Upgrade BashI have used MacPorts for years and I continue to get grief from people who love Homebrew. I must say that I do like both, but for some reason I have always kept coming back to MacPorts. Anyway, if you are using MacPorts then upgrading to the patched version of bash is especially easy. Below are the commands to upgrade bash:
Notice that, first, I told MacPorts to update it's cache of upgraded ports, second, I told MacPorts to tell me what ports had been upgraded and, third, I told MacPorts to upgrade only the bash port and not every port that has an upgrade (as arbitrarily upgrading random binaries can have side effects).