Security flaw identified in the antivirus solution

Feb 8, 2007 11:44 GMT

Many products are designed to protect our computers, but an antivirus product bundled with other security tools is regarded as the most efficient way to defend our systems. Trend Micro Antivirus is one of the most popular antivirus products on the Internet, available in multiple flavors such as desktop, server and gateway editions. Because it is currently installed on millions of computers around the world, the program is verified and updated periodically, as the company aims to increase the security of the antivirus solution.

Although the company's efforts to improve the application are remarkable, a new Trend Micro Antivirus security flaw has been identified and confirmed by the developers. iDefense Labs published an advisory announcing the vulnerability, stating that successful exploitation can allow an attacker to stop the antivirus engine or execute malicious code.

"Exploitation allows attackers to crash the scan engine or execute arbitrary code. This vulnerability could be used to gain unauthorized access to machines through common protocols, e.g. SMTP, HTTP, FTP. No authentication is required for an attacker to leverage this vulnerability. Under Windows, the scan engine runs in kernel context. Under Linux, the scan engine runs as a daemon with superuser privileges. As such, an attacker can take complete control of the affected system if successful code execution is attained," iDefense Labs mentioned in the advisory.

Trend Micro verified and confirmed the issue, and provided a fix that prevents exploitation of the vulnerability: update to virus pattern file 4.245.00 or higher, which currently provides two important patches: an update of the UPX parsing algorithm and generic detection for malformed UPX files.

If you think you're affected by this security flaw, you can update the virus pattern file by downloading the latest version from Softpedia.