Menu

Warning: Trend Micro exposes customer PC’s to external attackers

Google Security Research today announced Trend Micro anti-virus has a major design flaw allowing external attackers to execute or install any software on a remote PC.

When you install Trend Micro Antivirus for Windows, it also installs a web server as part of its software suite to handle internal API requests. One of these API request handlers uses the Windows system call “ShellExecute”, which allows you to run any piece of software on the PC. This web server is also running as a privileged user, so even if you don’t have admin access on you PC, this software does!

So for example, someone could send you an email with an attached .html file that, when viewed, could do anything, such as:

  • Format your HD
  • Download and install a keylogger
  • Uninstall TrendMicro Antivirus for you

A link to original announcement from Google:

https://code.google.com/p/google-security-research/issues/detail?id=693

While Trend Micro are working on a fix, the industry analysts are polemicizing whether this was a deliberate feature, not a mistake.
In a world where trust is critical, the crucial question is now being asked: “Are there any more holes and are we even safe from our anti-virus?”

, ,

Share this post

Share on facebook
Share on twitter
Share on linkedin
Share on print
Share on email
Partner

Contact

Downloads

SafeWindow App Download

BankVault Key Downloads

USA

92 Natoma St., Suite 211,
San Francisco, CA USA 94105

+1 650 283 0525

Australia

88 Havelock Street, West Perth,
Western Australia 6005

477 Boundary St, Suite 802 | The Johnson
Spring Hill, Brisbane, Queensland 4000

+61 8 9481 4055
Trusted online by
smart online logo
comodo secure
Facebook Twitter Youtube Linkedin

©Copyright 2021 BankVault Pty Ltd. All rights reserved.

Terms of Service    |    Privacy Policy