
Ceridian Addresses the Bash (also known as "Shellshock") Vulnerability

Updated: September 29, 2014

On Wednesday, September 24, 2014, a major vulnerability was found in a standard installed component of Unix, Linux, and OS X that could permit remote access to and control of vulnerable systems. This vulnerability is found in the Bourne Again Shell (Bash). The vulnerability can be accessed through SSH and telnet connections.

Like many others, Ceridian has taken immediate action to determine whether the vulnerability exists within our enterprise and, if so, where, to what level, and what the remediation actions might be.

As of 5:00 PM CDT on September 29, 2014, Ceridian has:

  • Established a Vulnerability Response team across the Ceridian enterprise
  • Implemented IPS blocking rules to prevent any Bash exploits across the US and Canada. This action is critical to preventing any attempts to exploit the Bash vulnerability within the Ceridian environment. All attempted Bash exploit traffic is blocked.
  • Implemented:
    • Geo IP blocking for China
    • Blocking, at our border routers, of specific IP addresses that were attempting recurring attacks
  • Completed an inventory of systems within the US and Canada
    • Patched all internal systems where patches were available
    • Disabled SSH, where feasible, on the remaining systems

The Vulnerability Response team will continue to meet the week of September 29, 2014 to ensure additional patches are applied as they become available.

We will continue to make the protection of your data a top priority. If you have additional questions regarding our Ceridian Information Security Program, please contact your account representative or email