Security vulnerability reported in Trend Micro security products


Security vulnerability reported in Trend Micro security products

Antony Savvas

A vulnerability has been reported in Trend Micro anti-virus and internet security products that can be exploited by remote attackers to cause a denial of service (DoS) attack to crash networks.

Internet security software firm Secunia said the vulnerability is caused due to an error within the processing of UPX compressed executables.

This can be exploited to cause a buffer overflow when scanning a specially crafted UPX compressed executable file.

Successful exploitation may allow execution of arbitrary code or cause the system to crash, said Secunia.

The vulnerability reportedly affects all Trend Micro products that use the firm’s Scan Engine and Pattern File technology, which is most of its products.

Users can address the problem by updating to Trend Micro’s virus pattern file to 4.245.00 or higher.

Link to Trend upgrades SME security offering

Link to Trend Micro advisory

Comment on this article:

David Lacey’s security blog
The latest ideas, best practices, and business issues associated with managing security


Email Alerts

Register now to receive IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

COMMENTS powered by Disqus  //  Commenting policy