As you’ve likely already heard on Sept 24th a new computer security threat was identified and entered into the National Vulnerability Database as CVE-2014-7169. This vulnerability does not affect any Ipswitch products.
The vulnerability, called Shellshock, is a bug in the widely-used Bash shell, the Unix command-line shell that has been around for 20 years. Shellshock affects almost all Linux, UNIX, and Mac OS X operating systems and the US-CERT has given the flaw the maximum CVSS rating of 10/10/10 for severity, impact and exploitability.
Security is a top priority at Ipswitch and as soon as we became aware of the threat we assessed our products and have determined that all supported versions of MOVEit, WS_FTP and MessageWay are not affected by the Shellshock bug.
We strongly recommend you follow the advisories of your respective Operating System provider.