Showing posts with label Trend Micro. Show all posts

15 April 2016

Uninstall QuickTime for Windows now

Trend Micro is advising everyone to follow Apple’s guidance and uninstall QuickTime for Windows as soon as possible.

Chris Budd, Global Threat Communications, Trend Micro, explains in a blog post that Apple is deprecating QuickTime for Microsoft Windows. "They will no longer be issuing security updates for the product on the Windows Platform and recommend users uninstall it. Note that this does not apply to QuickTime on Mac OSX," he said in the post.

Trend Micro has also released two advisories, ZDI-16-241 and ZDI-16-242, detailing two critical heap corruption remote code execution vulnerabilities affecting QuickTime for Windows.

"These advisories are being released in accordance with the Zero Day Initiative’s Disclosure Policy for when a vendor does not issue a security patch for a disclosed vulnerability. And because Apple is no longer providing security updates for QuickTime on Windows, these vulnerabilities are never going to be patched," Budd pointed out.

QuickTime for Windows, Budd said, now joins Microsoft Windows XP and Oracle Java 6 as software that is no longer being updated to fix vulnerabilities, and using it is subject to increasing risk.

Interested?

Learn how to uninstall Apple QuickTime for Windows from the Apple website

Trend Micro TippingPoint customers have been protected against these two vulnerabilities since November 24, 2015 with filters 21918 (ZDI-CAN-3401) and 21919 (ZDI-CAN-3402).


4 January 2016

Shopping online? Read Trend Micro's shopping tips first

Online shopping is gaining traction in Singapore and around the region, with analysts saying that the online retail market in ASEAN nations could grow by up to 25% annually through 2017*.

While online shopping offers fast (and sometimes free) shipping, as well as saving one’s time, effort and money, it also presents serious threats that are often overlooked, from cybercriminals to online scammers that target consumers’ personal information and money, Trend Micro says.

The company has put together a list of tips on how shoppers can protect themselves:

Watch out for basic web threats

· Spam or junk mail – this seemingly harmless threat is something we all encounter almost every day. Spam or junk mail may seem like annoying mainstays of your inbox, but they can also contain dangerous links that could lead to the download of malware.

· Phishing – this is a method that involves the use of email, instant messages, social media posts, fake websites, and even phone calls to steal information. Phishing attempts are designed to look legitimate, but are used to trick people into divulging personal information or login credentials.

· Adware – these come in the form of popups or web links that deliver advertisements without your permission. Though not inherently harmful, adware can display highly-targeted ads based on data collected by spyware. Essentially, they are designed to track your browsing habits.

Safeguard online habits

· Connect to a secure network – avoid using open or public Wi-Fi, as it offers attackers a bigger chance to intercept your connection and obtain your access details such as passwords and user names.
· Bookmark websites – to avoid typing in the wrong address and landing on a dangerous or phishing website, always bookmark your most trusted shopping sites.
· Avoid opening unusual emails and links – to the untrained eye, distinguishing a valid email from a fake one can be difficult. Find out if the email is dangerous by looking out for outrageous subject lines with “offers” that seem too good to be true. If you are still unsure, double-check with an official source.
· Think before you click – as mentioned above, ads can be more than just pesky popups these days. Be wary of ads that come from sites you visit, including social media sites, as malicious ads can be tailored to compel a click that can infect your system with malware.

· Install security patches and browser updates – keeping browsers and apps updated can reduce the risk of vulnerabilities that can be exploited.
· Read your end-user license agreement (EULA) – this is a good security practice that most users overlook, but it is a great way to beef up security and avoid unwanted privacy issues. Check the EULA to see if the app or service you are using is monitoring your online activities, or if the software publisher is giving your information to third parties.
· Make sure the order checkout is encrypted – hackers can easily exploit vulnerabilities to obtain personal details like your password or other information. If you are shopping online, be sure to use sites with encrypted payment forms.
· Keep track of your bank or credit statements – to ensure that no fraudulent charges are being incurred, check your statements regularly for any unverified transactions.

Paul Oliveria, Technical Marketing Researcher at Trend Labs, Trend Micro said: “Our growing dependency on the Internet makes all of us an attractive target for cybercriminals. The simplest way to stay safe online is to be aware of the vulnerabilities and what you can do to counter them."

*AT Kearney. Lifting the Barriers to E-Commerce in ASEAN. Singapore: Geir, O, Soon, GC, Gergele, O, & Bartolucci, F. 2015.

30 July 2015

Android vulnerability renders phones lifeless

Trend Micro has discovered a vulnerability in Android that can render a phone apparently dead. The handset does not ring, make notification sounds, and is unable to make calls, with a lifeless screen. If the phone is locked, it cannot be unlocked.

The vulnerability is present from Android 4.3 (Jelly Bean) up to the current version, Android 5.1.1 (Lollipop), the company said, pointing out that these versions account for more than half of Android devices in use today. "No patch has been issued in the Android Open Source Project (AOSP) code by the Android Engineering Team to fix this vulnerability since we reported it in late May," the company said in a statement.

The vulnerability lies in the mediaserver service, which is used by Android to index media files that are located on the Android device. This service cannot correctly process a malformed video file using the Matroska container (usually with the .mkv extension). When the process opens a malformed MKV file, the service may crash, and bring the rest of the operating system down with it.

This vulnerability can be exploited in two ways: either via a malicious app installed on the device, or through a specially-crafted website. The first technique can cause long-term effects to the device – an app with an embedded MKV file that registers itself to auto-start whenever the device boots would cause the OS to crash every time it is turned on, for instance. 

For now, Trend Micro recommends users who have been affected to restart their devices in safe mode.

Interested?

More information is on Trend Micro’s blog post.
Mobile security software such as Trend Micro’s Mobile Security for Android Smartphones and Tablets can help protect data and devices.

23 July 2015

The companies which really need to invest in security to stay in business

Organisations should prioritise security above all else or be prepared to struggle to stay afloat if a security breach exposes customer data, warns security firm Trend Micro. The company mentioned the recent Ashley Madison dating website hack as one case where individuals, especially married ones, might be expected to be unhappy to be outed as customers.

"It's about protecting private, personal details and a reputation. When personal details of this nature become public, this opens up the breach victims to blackmail and extortion—at the very least, they could expect situations that involve Internet shaming and awkward explanations," the company noted in a statement.

According to Trend Micro, there are many other companies which need to focus on security due to the nature of their business:

Online retailers such as Lazada, Zalora, Taobao, or basically any company which sells anything online
"Customers want to have the ease of being able to shop online without being at risk of having their personal details exposed and stolen. With multiple transactions involving credit card details and banking information, it’s a gold mine for cyber attackers," the company said.

Cloud storage and sharing services - Dropbox, iCloud
Anything gets saved on these services, including confidential data. "Ensuring server security and providing secure processes such as two factor authentication reduces the risk and increases security for data storage. Similarly, let’s not forget that users also have to play their part in being savvy on having hard-to-guess passwords and so on," Trend Micro commented.

Messaging services - Line, WhatsApp, WeChat, and email services - Gmail, Yahoo, Outlook.com 
Eavesdropper alert - what if private conversations were made public? While messaging services need only worry about hackers stealing conversations or customer information, breaching email is the jackpot. Besides being a source of confidential data and conversations, email is often a method of authentication, and a common way of getting phished. Trend Micro’s 2014 Roundup Report Magnified Losses, Amplified Need for Cyber-Attack Preparedness showed an 88.65% increase in the volume of phishing sites in 2014, so the danger is worse than ever before.

"It’s on both the business and the user to provide and understand security measures that should be taken. Being cautious to targeted attacks such as phishing scams is one example," Trend Micro said. 

"Companies that hold the personal data of their users need to go above and beyond what regulations call for, to reassure their users that they are doing all they can to protect their users."

25 June 2015

Trend Micro shows how Android devices can be made more secure

According to Strategy Analytics, Android dominated the global smartphone market in 2014 with 1 billion units shipped worldwide, accounting for 81% of all smartphones shipped last year.

“Many users choose Android over other OS-based devices because first, the devices can be relatively cheap; second, it’s known for fast and efficient data storage and third, it’s available across different form factors, brands, and price points,” said Paul Oliveria, Researcher at Trend Micro.

Since it is so common, Android is also popular with hackers. Trend Micro has come up with a list of seven security tweaks that mobile users can employ to protect their data:

1. Lock the screen – Enabling a screen unlock code will prevent a device thief from accessing your mobile data.

2. Protect your data – Android comes with security measures that can be easily enabled. The Android security screen also includes an option to encrypt the device.

3. Strengthen passwords and app permissions – Remember to check the features that the app is allowed to access, and don’t forget to use strong and unique passwords. If passwords are re-used, hackers can also reuse them on other accounts.

4. Install a security app – An app that offers anti-theft features like remote wipe-out, tracking, and locking, as well as malware scanning and detection can help mitigate potential threats.

5. Connect to secure networks – Unsecured Wi-Fi networks can be used to intercept data in a ploy called a 'man in the middle' attack. Avoid conducting online banking, financials, and purchasing over public networks. Home Wi-Fi should be secured with a password.

6. Avoid rooting your device – While rooting allows more control over a device, it could also allow malicious apps to access data. This also makes it difficult to patch and update the OS and apps, which could leave your device vulnerable.

7. Download from official app stores – Downloading from third-party sites or app stores is one of the easiest ways for any mobile device to get infected. Limiting your apps to those from official or trusted app stores (like the Google Play app store) can lower the risks.

Need context?

Read Trend Micro’s blog post on securing an Android device

18 June 2015

Trend Micro warns of hackers targeting SMBs

Source: Trend Micro website.
Trend Micro says hackers may send you friendly emails with nasty attachments in order to hack your business. The company says it is a departure from generic spamming, and may become a standard attack method in Asia Pacific.

In its report Piercing the HawkEye: Nigerian Cybercriminals Use a Simple Keylogger to Prey on SMBs Worldwide, the company said that two Nigerian hackers, dubbed “Uche” and “Okiki”, target small and medium sized businesses (SMBs) around the world with HawkEye, a cheap keylogger*.

Most of the companies targeted by HawkEye are from developing countries such as India and Iran, as they have many SMBs. Hong Kong, however, accounts for 5% of the victims, suggesting the territory's continued vulnerability as a target.

In the case of the operations run independently by the two Nigerian cybercriminals, the attack typically includes these steps:

Build rapport with victims through a series of emails prior to delivering a file attachment that contains suspect software (malware). The attachment is disguised so the victim is unaware of the attack on their system.

HawkEye is used to steal email and website credentials, as well as to log keystrokes.

Cover tracks by using methods such as multiple email accounts.

"It doesn’t take an advanced malware to disrupt a business operation. In fact, even a simple keylogger is enough to do it. The series of malware attacks launched by the duo dispels the notion that only very large enterprises are vulnerable to cybercrime attacks. SMBs are also at risk, smaller regional offices may be exploited as a means to reach the global office," said Trend Micro in a statement.

Need background?

More details can be found in the report 
Read the associated Trend Micro blog posts here and here.

*A keylogger is software that records everything that is typed into a computer. It can be useful for details such as passwords and other login information. HawkEye costs about US$35.

12 May 2015

Hackers turning to LINE to launch cyber attacks in Taiwan

Source: Trend Micro.

According to Trend Micro's Targeted Attack Trends 2014 report, targeted attacks, otherwise known as advanced persistent threats (APTs), have intensified over the past year alongside newly identified techniques. The company has found that mobile messaging application LINE was used as bait to lure targets in a targeted attack which hit the Taiwan government.

Korean messaging app LINE has a global reach of more than 560 million registered users as of October 2014 according to Statista, while according to a January 2015 blog post by Metaps, LINE reaches about 75% of the population in Taiwan.

Intended targets received a spear-phishing email that uses LINE as its subject and has a .ZIP file attachment with the filename add_line.zip. The email message purports to come from the secretary of a political figure and supposedly asked recipients in a Taiwan government office to join a specific LINE group, and to provide some information for profiling purposes. Once users open the .ZIP file, an executable file, add_zip.exe, is launched. Trend Micro detects this as BKDR_MOCELPA.ZTCD-A.

Further investigation revealed that this targeted attack is likely related to the Taidoor campaign, which employs malicious .DOC files that show a legitimate document but execute the malware payload in the background. The LINE malware makes use of the same encryption to hide the network traffic.

The news reinforces the need for companies to adapt more than ever to the risks posed by targeted attacks, Trend Micro said. Employees should also be wary of opening any email attachments, even from people they know, or if they are invited to download software.

Need more details?

A Trend Micro blog post describes the exploit here.

5 February 2015

Trend Micro warns iOS users about Operation Pawn Storm

An alert from Trend Micro has identified an active economic and political cyber-espionage operation called Operation Pawn Storm (OPS). It says OPS targets a wide range of entities, like the military, governments, defense industries, and the media. 

The operation uses three known attack vectors: spear phishing emails, a network of phishing websites that use typo-squatted domains (editor's note: links that are very similar to well-known website links and which could be typed by mistake, such as micrsoft.com), and malicious iframes injected into legitimate websites. 

The actors of Pawn Storm are so called as they tend to target a lot of pawns in the hopes they come close to their actual high-profile targets. When they finally successfully infect a high profile target, they might decide to move their next pawn forward: advanced espionage malware. Trend Micro has also discovered an interesting poisoned pawn—spyware specifically designed for espionage on iOS devices. While spyware targeting Apple users is highly notable by itself, this particular spyware is also involved in a targeted attack.

It is believed the iOS malware gets installed on already compromised systems, and it is very similar to the next-stage SEDNIT malware Trend Micro found for Microsoft Windows systems. Two malicious iOS applications were found in OPS. One is called XAgent and the other one uses the name of a legitimate iOS game, MadCap.

Source: Trend Micro.
XAgent is designed to work specifically with iOS 7, which is still on one of every five iPhones and iPads. iOS 8 users will see multiple notifications that the phone is trying to install an app, and it cannot run without the user launching the app. Both tools have the ability to record audio, which suggests the targeting of offline and confidential information.

Following analysis, Trend Micro concluded that both are applications related to SEDNIT – which is spyware that aims to steal personal data, record audio, make screenshots, and send them to a remote command-and-control (C&C) server. Some of the data theft capabilities include:

· Collecting text messages, contact lists, pictures and geo-location data

· Starting voice recording

· Getting lists of installed apps, processes

· Recording the Wi-Fi status

There may also be other methods of infection that are used to install this particular malware. One possible scenario is infecting an iPhone after connecting it to a compromised or infected Windows laptop via a USB cable.

More information on the malware can be found on Trend Micro’s blog

23 January 2015

Trend Micro announces zero day vulnerability for Adobe Flash Player on Windows

Trend Micro has shared a new vulnerability affecting Adobe Flash Player for Windows that allows hackers to take over a victim's system. There is no indication that attackers are targeting Adobe Flash Player on other platforms like Mac or Android, the company added. 

TrendLabs researchers have discovered that attackers found this vulnerability first and have been taking advantage of it for some time, a situation called "zero-day” because defenders have no days in which to provide protection against the vulnerability. 


According to Trend Micro, malware that takes advantage of this vulnerability is being spread using malicious banner ads (malvertisements) that may be displayed on legitimate networks. This particular vulnerability is also being used in the “Angler” exploit kit, which is one of the most commonly used exploit kits today and which can spread attacks widely.

Trend Micro advises businesses to:

· Keep systems and programs up-to-date
· Run a mature, full-featured security package

In zero-day situations the first step will only come into effect once Adobe releases a patch. In the absence of a bulletin from the software vendor affected, Trend Micro advises disabling the software until a fix is released.

Trend Micro's existing solutions are able to detect this threat, but the company also recommends that businesses keep themselves protected with an end-to-end advanced persistent threat (APT) solution.

Read Trend Micro's blog post on the vulnerability here.

4 December 2014

Q314 saw cyberattacks grow in volume and sophistication: Trend Micro

Source: Trend Micro website.
The third quarter saw a new critical vulnerability, Shellshock, threaten more than half a billion servers and devices worldwide. This major development, as well as an uptick in volume and sophistication of cyberattacks, is detailed in Trend Micro's latest quarterly security roundup report, Vulnerabilities Under Attack: Shedding Light on the Growing Attack Surface.

The report also reveals web platform and mobile app vulnerabilities that have broadened significantly, resulting in high-impact attacks on businesses and consumers alike.

“Our findings confirm that we are battling rapidly moving cybercriminals and evolving vulnerabilities simultaneously,” said Raimund Genes, CTO, Trend Micro. “With this fluidity, it’s time to embrace the fact that compromises will continue, and we shouldn’t be alarmed or surprised when they occur. Preparation is key and as an industry we must better educate organisations and consumers about heightened risks as attacks grow in volume and in sophistication. 


"Understanding that cybercriminals are finding vulnerabilities and potential loopholes in every device and platform possible will help us confront these challenges so technology can be used in a positive way.”

The report dissects vulnerabilities such as Shellshock, which affects popular operating systems, including Linux, UNIX and Mac OS X. The surprising discovery of the Shellshock vulnerability emerged after it went unnoticed for more than 20 years, suggesting the likelihood of more long-undiscovered vulnerabilities lurking within operating systems or applications.

Vulnerabilities in mobile platforms and apps are also proving to be a greater challenge. As in previous quarters, the report notes that significant and critical vulnerabilities were found in mobile platforms, such as Android. Exploit kits were highly utilised in Web platforms and provided cybercriminals with another resource to compromise victims’ systems.

In an effort to steal credit card information and money, the report also reveals that threat actors are targeting large retailers’ Point-of-Sale (PoS) systems to execute massive data breaches. This ongoing practice further indicates that PoS networks are highly accessible and vulnerable. Cyber thieves also utilised updated versions of older popular malware and online banking malware to successfully target victims.


Click here for the complete report, and read the associated blog post here.

23 November 2014

Asia Pacific to see more cyberattacks in 2015

An annual prediction report from cybersecurity leader Trend Micro reveals that retail and financial institutions outside of the US will be increasingly targeted by cybercriminals in 2015.

Trend Micro Security Predictions for 2015 and Beyond: The Invisible Becomes Visible says that in 2015 there will be a rise of targeted attack campaigns across the Asia Pacific (APAC) region. Such attacks focus their efforts on infiltrating a specific organisation. 

Noteworthy cases in the US and China show that targeted attacks have become the preferred means of intelligence gathering for cybercriminals. The motivations behind these campaigns include obtaining financial information, personal data, top secret classified government data, and intellectual property (IP) such as industry blueprints. 

Trend Micro threat defense experts have already noted attacks against organisations in Vietnam and India, and recently in Malaysia and Indonesia. Attacks in other APAC countries can be expected. In particular, social media will increasingly be abused as infection vectors. Social media can be used to carry suspect links, and also as a reference to personalise the content used to dupe a user into visiting a malicious site or downloading malware.

“What we are seeing today is not a huge surprise. Cybercriminals have increased their velocity and the brutal measures they use to steal information,” said Dhanya Thakkar, Managing Director, Asia Pacific, Trend Micro. “Following the success of targeted attacks from Chinese and Russian cybercriminals, many attackers from other countries will regard cyberattacks as a more practical method to grab a foothold in an organisation.”

Trend Micro Security Predictions for 2015 and Beyond: The Invisible Becomes Visible makes several predictions for 2015:

Targeted attacks will become as prevalent as cybercrime.
A security threat could focus on getting 'command and control' access, for example to issue a command to the hard disk to destroy itself, whether for criminal purposes, hacktivism, espionage, or just destruction.

David Siah, Singapore Country Manager, Trend Micro likened network protection to Mentos, a popular candy with a hard exterior and a chewy interior. While enterprises invest in hardening the external perimeter, the network inside is still 'soft'. "If someone wants to get in, he will get in, and can do anything within the castle walls," he said. 

Attacks will target Android
The increased adoption of mobile devices will also increase the risk for mobile users. Android—the top mobile platform in APAC, making up an average of 71% of total impressions—has a fragmentation problem. This means the mobile device user has to rely on the device provider to protect the software.

Cybercriminals can take advantage of this fragmentation problem by developing exploits for existing device vulnerabilities that have not yet been patched. This can be done easily using exploit kits similar to the infamous Blackhole Exploit Kit.

Trend Micro also found that companies still believe that they are unlikely to be targeted, or that trusted environments are safe. A survey by Trend Micro found that 35% of companies in APAC are sure they have escaped attacks, whereas more than a quarter (26%) actually said they do not know. The remainder either suspect, or know that they suffered breaches.

The reality is that more malicious activity was detected and blocked in Singapore over Q314 than in Q214. Siah said that in Q3, more than 7 million attempts were made by Singapore-based users to access malicious websites, with 611,000 attempts trying to get to malicious URLs hosted in the country.

Siah highlighted that common malware like WORM_DOWNAD.AD, codenamed 'Conficker', is still making it to the top 10 in Singapore, implying that Singapore users are not updating their systems regularly, or are using an operating system that is no longer supported by Microsoft, such as Windows XP.

A vulnerability termed CVE-2012-0158 is a favourite means of attack, followed by CVE-2010-0188. The first was discovered in 2012, and the second in 2010, Siah added, showing that victims have not patched their systems against them since 2012 and 2010 respectively. 

Microsoft Office accounts for 53% of targeted attacks, and another 46% are through Adobe Reader. "We live so much with documents today. If there is an attachment I might just click on it, it could present itself as a legitimate document that talks about my work, or a report about the industry that I'm very interested in," noted Siah. 

Lax user practices help the online cybercriminal community, and well-known malware like Zeus is offered free to the community. It may seem like updating systems regularly will be enough protection, but Siah said such updates depend on bugs being publicly announced by others, after which 'signatures' can be created to detect them. This leaves a window of opportunity between the announcement of the bug and the availability of the patch for cybercriminals to target users.

In addition, known vulnerabilities are just the tip of the iceberg. Existing bugs like Shellshock were only announced after decades, while malware can mutate to the point where it is essentially signatureless. "Traditional cybersecurity defences cannot detect such signatureless threats," Siah warned. "Exploiting a vulnerability will be as easy as creating an app."

It is a global problem, even if targeted attacks used to be associated only with countries like the US or Russia, Siah further said. Trend Micro is aware of gangs in Brazil and China, and while the cybercriminals may base their operations in one country, they could be connected by the Internet to anywhere else in the world.

Siah shared that Trend Micro sensors have found that attacks in APAC range across Taiwan, Japan, Indonesia, mainland China, Malaysia, the Philippines and Bangladesh, with Singapore being a relatively minor target. "If a US company has a Taiwan subsidiary, the attackers could go to the subsidiary and once they have gained control of the Taiwan servers they could then jump internally from country to country till they reach the main HQ," Siah pointed out. 

Users should expect that at least one of their accounts, whether on web services or online portals, will be compromised. The prevalence of social media usage in APAC – with about 970 million active social media users – will make users in the region viable targets. Given the predicted increase of attacks next year, cybercriminals will have more opportunities to steal user credentials. As a result, Trend Micro advises users to be more diligent when it comes to password use and online security.

Click here for the full report.

15 November 2014

Trend Micro urges Windows users to update Windows to protect against the Winshock bug

A flaw recently discovered in Microsoft Windows has Trend Micro emphasising that Windows users should update their systems immediately. The problem lies in Microsoft’s delivery platform, which is meant to transfer data securely. Trend Micro says that users who ignore the problem are in a “wormable” situation that could enable attackers to commandeer their system without user interaction.

Christened “Winshock,” the bug received a score of 9.3 out of 10 by the Common Vulnerability Scoring System. Higher scores mean that the bug can cause more harm. Based on this classification, and the propensity for attacks following potential exploit announcements, Trend Micro’s Deep Security solution already provides protection against this vulnerability. Microsoft has also released a patch, or a solution against this problem, through Windows updates.

Said JD Sherry, VP, technology and solutions, Trend Micro: “When news like this breaks, cyber criminals go into hyperdrive developing attacks to take advantage of the flaw. As such, it’s important to quickly respond to avoid system disruption and compromise. We are urging our customers to make addressing this bug a top priority and we have provided resources accordingly to complement the latest Microsoft patches.”

Trend Micro experts recommend the following action:

§ Install Microsoft patches immediately
§ Use a browser other than Internet Explorer to reduce risks. Alternative browsers include Google's Chrome, Mozilla's Firefox, and Apple's Safari.
§ Employ newer versions of Windows platforms, supported by Microsoft

More information can be found in the associated blog post here.

29 September 2014

Trend Micro rolls out free tools to protect users against Shellshock (the Bash bug)

Trend Micro, a security software and solutions provider, has released license-free tools to help protect web users against the Shellshock or Bash bug across the Mac OSX and Linux platforms. 

Source: Trend Micro infographic.

Broadly publicised the week of 22 September, Shellshock is a vulnerability that can exploit command access to Linux-based systems and adversely impact a majority of the web servers around the world, as well as Internet-connected devices on the Mac OSX platform. The vulnerability has potential to adversely impact a half billion web servers and other Internet-connected devices including mobile phones, routers and medical devices.

"Since this situation has potential to escalate quickly, we are taking immediate preventative steps to help keep the public safe from this unprecedented vulnerability," said Eva Chen, CEO, Trend Micro. "We believe the most responsible course of action is for technology users to remain calm and apply the resources made available from Trend Micro, and others, to create a strong defensive front. By making our tools accessible free of charge to our customers, and beyond, we are trying to address this 'outbreak' to stop a possible epidemic before it can start."

One of the free tools featured, the on-demand BashLite Malware Scanner, will determine if the BashLite malware is resident on Linux systems.

"Shellshock could be notably more widespread than the infamous Heartbleed from earlier this year," said Raimund Genes, CTO, Trend Micro. "Heartbleed was very different in nature and behaviour. With Shellshock the threats are much more severe."

For those unable to implement the Trend Micro wall of protection against the Shellshock threat, Trend Micro's threat defense experts recommend the following steps to help businesses and end-users mitigate the vulnerability:

  • End-users should watch for patches for Mac OSX and implement them immediately.
  • Linux system operators should consider virtually patching until a patch is available from their vendor.
  • Linux/Apache web server operators using BASH scripts should consider retooling those scripts to use something other than BASH until a patch is available.
  • Hosted service customers should contact their service provider to determine if they are vulnerable and find out their remediation plans if they are exposed.

Trend Micro researchers are currently monitoring this vulnerability in the wild to anticipate additional escalations. The company has released a detailed blog post explaining the vulnerability with additional recommendations to stay protected, and created an infographic detailing what the vulnerability is and how it works.