Thursday, 17. April 2014

Trend Micro Heartbleed Detector Now Available

500x1500 webHow the Heartbleed bug works

In previous blog entries, we’ve discussed various aspects of the Heartbleed vulnerability in OpenSSL. Last Tuesday, our first blog post covered an analysis of the vulnerability itself, as well as some steps that IT administrators of affected systems could do in order to protect themselves. Later entries looked at how popular websites and mobile apps were, in their own ways, vulnerable to the threat.

To help deal with the Heartbleed vulnerability, we’ve released several tools that can be used to detect possible exposure to the risks:

We have released into the Google Play app store the Trend Micro Heartbleed Detector. This tool is designed to help users tell if they are vulnerable to any aspect of this threat. In particular, it checks for three things:

•  It checks whether the version of OpenSSL used in the device’s version of Android may be vulnerable.
•  It checks whether any OpenSSL libraries embedded in the user’s installed apps may be vulnerable.
•  It checks whether the user’s installed apps communicate to any unpatched (and therefore, vulnerable) servers.

Main Page

Figure 1. Detector application

If any vulnerable apps are detected, the detector offers to uninstall the app for the user:

Summary marked

Figure 2. Vulnerable app detected

We don’t recommend for users to immediately uninstall all vulnerable apps, but this is something everyone should consider for applications that handle critical information, such as mobile banking applications. In addition, it’s a good idea for users to contact the companies that maintain these vulnerable apps to update their apps or websites as soon as possible.

For Chrome users, we’ve also released the Trend Micro OpenSSL Heartbleed Scanner app. The scanner allows for users to check if specific sites are vulnerable to Heartbleed. The tool can be downloaded from the Chrome Web Store.

For other users who want to check if a site is vulnerable or not, you may also do so through our Trend Micro Heartbleed Detector website.

We will continue to monitor this issue and release more information as needed.  For other posts discussing the Heartbleed bug, check our entries from the past week:

•  Bundled OpenSSL Library Also Makes Apps and Android 4.1.1 Vulnerable to Heartbleed
•  Heartbleed Bug—Mobile Apps are Affected Too
•  Heartbleed Vulnerability Affects 5% of Select Top Level Domains from Top 1M
•  Skipping a Heartbeat: The Analysis of the Heartbleed OpenSSL Vulnerability

Post from: Trendlabs Security Intelligence Blog - by Trend Micro

Trend Micro Heartbleed Detector Now Available