Security vulnerability reported in Trend Micro security products

News

Security vulnerability reported in Trend Micro security products

Antony Savvas

A vulnerability has been reported in Trend Micro anti-virus and internet security products that can be exploited by remote attackers to cause a denial of service (DoS) attack to crash networks.

Internet security software firm Secunia said the vulnerability is caused due to an error within the processing of UPX compressed executables.

This can be exploited to cause a buffer overflow when scanning a specially crafted UPX compressed executable file.

Successful exploitation may allow execution of arbitrary code or cause the system to crash, said Secunia.

The vulnerability reportedly affects all Trend Micro products that use the firm’s Scan Engine and Pattern File technology, which is most of its products.

Users can address the problem by updating to Trend Micro’s virus pattern file to 4.245.00 or higher.

Link to Trend upgrades SME security offering

Link to Trend Micro advisory

Comment on this article: computer.weekly@rbi.co.uk


David Lacey’s security blog
The latest ideas, best practices, and business issues associated with managing security

 


Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting your personal information, you agree to receive emails regarding relevant products and special offers from TechTarget and its partners. You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.
 

COMMENTS powered by Disqus  //  Commenting policy