Trend Micro Warns of Scan Engine Vulnerability

Anti-virus (AV) specialist Trend Micro Inc. last week warned of a flaw in its AV scanning engine that could result in denial-of-service (DoS) or system takeover.

The flaw affects a variety of products, including Trend Micro's InterScan Messaging Security Suite, InterScan VirusWall, InterScan Web Security Suite, OfficeScan and ServerProtect offerings. Trend Micro's consumer offerings -- such as Trend Micro Antivirus and PC-cillin -- are also affected, officials said.

The vulnerability stems from a corrupted UPX file in Trend Micro's scan engine. An attacker who successfully exploits it can cause a buffer overflow and trigger a Windows Blue Screen of Death (BSOD) or -- more dangerous still -- potentially execute arbitrary code on the compromised system. In the latter scenario, officials concede, an attacker could take control of the system.

The vulnerability was first reported by iDefense Vulnerability Labs, a security researcher based in Sterling, Virginia.

According to iDefense researchers, the flaw can be exploited by means of common protocols, such as SMTP, HTTP or FTP, and an attacker does not need to authenticate to exploit the vulnerability.

The worst-case scenario -- remote execution of arbitrary code -- stems from the fact that (in Windows environments) the Trend Micro scan engine runs in the kernel context. Under Linux, the engine runs as a daemon with superuser privileges, iDefense researchers say. The upshot, in any case, is severe: an attacker can take complete control of a compromised system, assuming she's first able to successfully execute her malicious payload.

Trend Micro advises customers to update their virus pattern files to 4.245.00. It also plans to incorporate a fix into its upcoming Scan Engine version 8.5 release. In addition, Trend Micro officials say, the AV specialist distributes a fix for the flaw via its automatic update feature.

About the Author

Stephen Swoyer is a Nashville, TN-based freelance journalist who writes about technology.
