# Debian/Ubuntu sudo apt-get update && sudo apt-get install --only-upgrade bash

The Shell Shocker hack works by exploiting a vulnerability in the Bash shell's handling of environment variables. When a Bash shell is invoked, it loads environment variables from the parent process. If an attacker can manipulate these environment variables, they can inject malicious code into the shell.

A patch for the Shell Shocker hack was released by the Bash development team in September 2014. The patch updates Bash to version 4.1.7-4.3.2, which fixes the vulnerability.