strangetruenews

Security flaw in Trend Micro unveiled by Google security Researcher

Google security researcher, Tavis Ormandy has found bugs in Password Manager of global security software company, Trend Micro. Password Mana...

Google security researcher, Tavis Ormandy has found bugs in Password Manager of global security software company, Trend Micro.

Password Manager is a component installed by default with Trend Micro’s Premium Security and Maximum Security home products.

Ormandy informed Trend Micro about his findings on January 05.

The bug which is primarily written in JavaScript with node.js could allow remote code execution by any website and steal all passwords of a user. He also noted that it was also possible to bypass Internet Explorer’s Mark of the web (MOTW) security feature and execute commands without letting the victim receive any notification.

Ormandy took 30 seconds to identify an API that could be leveraged for remote code execution (RCE).  Overall, Ormandy found over 70 APIs exposed to the Internet.

Exploiting a vulnerability can give an attacker deep access to a computer.

Several serious vulnerabilities have been found in the last seven months in antivirus products from vendors including Kaspersky Lab, ESET, Avast, AVG Technologies, Intel Security (formerly McAfee) and Malwarebytes.

Related

Security News 3306897392232693299

Post a Comment Default Comments Disqus Comments

emo-but-icon

Weather Today!

Read More News

Random Article

Hot in week

Popular Posts

Recent

STN

Comments

item