Apple at risk of infection from 'Bash' bug

Why the Bash bug could rival Heartbleed: CNET editor

A major security flaw that could affect Apple's Mac and Linux operating systems has been discovered, with security experts claiming it to be more dangerous than the recent Heartbleed bug.

The Shellshock bug creates a vulnerability in "Bash" – a software that controls the command prompt on many computers running the Unix operating system. The command prompt is integral to the running of computers and is behind simple tasks such as opening up an application. The Shellshock bug could therefore allow hackers to access and control a system remotely

Read MoreHeartbleed bug: Is changing your password enough?

"It is that interface that makes things happens. It is unlikely that there is Linux-based system that doesn't run Bash, it's pretty huge," Ernest Hilbert, former FBI agent and head of cyber investigations for EMEA at risk consultancy Kroll, told CNBC by phone.

Bigger than Heartbleed

Apple's Mac OS X and Linux-based systems could be open to attack with security experts warnings that this vulnerability could be more damaging than the Heartbleed bug discovered in April.

weerapatkiatdumrong | Getty Images

The Heartbleed bug was discovered in OpenSSL software—an encryption service used by around two-thirds of websites to protect information sent to and from web pages.

But the Shellshock vulnerability could allow hackers to insert malicious pieces of code from a remote location and potentially take control of a machine.

Read MoreRussia, Iraq tensions stoke cyber attack threat

"The difference in significance is that with Heartbleed, what somebody could grab credentials of a user and do what they wanted, but in this case, if somebody is vulnerable, it potentially allows someone to get full system control of a victim's system," David Emm, senior security research at Kaspersky Lab, told CNBC by phone.

Patching the vulnerability

Users have been urged to "patch" or update their OS to protect against the bug by the United States Computer Emergency Readiness Team (US-CERT), part of the Department of Homeland Security.

Red Hat and Ubuntu are among the companies who have released a patch. Tech publication Ars Technica ran a test on Apple's latest OS Mavericks and found a vulnerability. At the time of publication, Apple had not responded to a CNBC request for information on whether it has released a patch.

Read MoreCan your fridge be hacked in the 'Internet of things'?

With all the spotlight on the Shellshock vulnerability, one expert has warned that hackers will soon figure out how to exploit it and users should download any available updates as soon as possible.

"If you don't patch it, once of all this has been announced, people will start to work out how to use it," Sian John, senior security strategist for EMEA at Symantec, told CNBC by phone.

"The minute a vulnerability becomes public, people will look to see how they can exploit it."