Skip to content

2014 Press Release

Shellshock vulnerability threatens majority of Internet servers and devices

Taipei, Sep. 26, 2014 - A significant vulnerability called Shellshock has emerged that impacts approx. a half billion web servers and other Internet-connected devices including mobile phones, routers, medical devices, according to the threat defense experts at Trend Micro, a global developer of security solutions.

In short, this is potentially a “plague-like" vulnerability that can exploit command access to Linux-based systems constituting approximately 51 percent of web servers in the world. Because of the pervasiveness, attacks against it could “grow" at a very fast pace. The recent Heartbleed vulnerability is similar in nature to Shellshock, but Heartbleed is dwarfed by the extent and reach of this new vulnerability.

Due to the widespread nature of Shellshock – the action listed below should be taken for the following:

  1. End-user: watch for patches and implement them immediately
  2. IT Admin: if you have Linux, upgrade BASH scripting immediately
  3. Website operator: If BASH is in the script, patch asap, or rescript away from BASH
  4. Hosting co. customer: Ask your provider they’re doing to remedy and apply patches accordingly

Trend Micro has been closely monitoring this situation. More information about this event, please visit

Connect with us on