On September 24, 2014, a security vulnerability was revealed affecting the standard bash login shell which is broadly deployed and used on Linux hosts. If you were wondering if ArcGIS Server, ArcGIS Online, and Portal for ArcGIS application interfaces are vulnerable to this issue, the answer is no.
However, if you have deployed our products on Linux, we recommend applying your Linux vendor’s security patches immediately to minimize the attack surface of your systems. Patching Linux also applies if you are utilizing one of our ArcGIS Server Ubuntu Amazon Machine Images (AMI), as described on the Ubuntu site.
Lastly, maintenance will be performed on some of the ArcGIS Online cloud infrastructure components residing within Amazon Web Services over the next several days, but we do not anticipate a disruption of operations.
– The Security Standards & Architecture Team