February 25, 2005

Trendmicro security flawed

by brian_turner

Trendmicro has become the third security vendor to be warned by Internet Security Systems that its code could execute malicious programs, rather than remove them.

As reported in Take three: Antivirus apps could spread infection, this follows on earlier discoveries that Symantec and F-Secure software was also vulernable to the same issue, as reported here in Security companies patch serious flaws.

According to CNET:

The vulnerability affects Trend Micro’s Antivirus Library, a common set of code used by at least 29 Trend Micro products, according to separate advisories posted on Trend Micro’s Web site on Wednesday and on ISS’ site on Thursday. An attacker could create a program that exploits the security hole, causing the antivirus program to run a virus instead of blocking the malicious program, the companies said.

“Successful exploitation of this vulnerability could be used to gain unauthorized access to networks and machines being protected by Trend Micro Antivirus Library products,” ISS said in its advisory.

Trendmicro have now released an advisory for the update of it’s products here: Vulnerability in VSAPI ARJ parsing could allow Remote Code execution.

Discuss this in the Internet Business forums

Story link: Trendmicro security flawed


Leave a Reply


Previous: «
Next: »

Visited 3781 times, 1 so far today

Posted in: Security