Trend Micro Warns of Flaw in its Anti-Virus
Anti-virus vendor, Trend Micro has a serious vulnerability in more than 30 of its security tools, so goes the warning from the firm to its users.
The flaw is exploitable that starts a buffer overflow with the help of a corrupt UPX (Ultimate Packer for Executables) file, the software developer declared in an advisory. For instance, an attacker could dispatch e-mail carrying the malicious file to a PC containing the flawed anti-virus software.
Everything should be all right with most users, said Mike Sweeny, a spokesman for Trend Micro to Information Week. The automatic updates included a fix and the software requires an update, not more than once every day.
Sweeny says his company detected the flaw very recently so they have been able to adopt protective measures by now. Also, they have not found any exploit code taking advantage of the vulnerability.
The vulnerability could allow an attacker to gain remote control of the system, the advisory added. According to Sweeny, their rival anti-virus software firm VeriSign first drew Trend Micro's attention to the flaw.
Another rival, Symantec said an attack could arrive from various sources like a website or an e-mail message. The flaw is liable for passive exploitation with the help of multiple remote vectors. This is possible by employing the anti-virus application against network streams, or automatically against e-mail attachments, warned Symantec for the benefit of subscribers to its DeepSight threat management network.
Since the flaw allows remote installation and execution of code on vulnerable systems, security company Secunia labeled the flaw "highly critical".
According to experts, anti-virus software is attracting hackers' growing interest to make them their targets. Symantec admitted that in January there were persistent attacks from worms on a hole the company detected in its corporate anti-virus appliance.
Trend Micro has released a signature update to patch the UPX algorithm and also detection mechanism for infected UPX files. A permanent fix will be available in future when the security application upgrades to version 8.5. The update would be available from the Trend Micro Web site manually by following the instructions or automatically via the products' auto-updater.
Related article: Trend Micro Detects Spam Mail Declaring World War III
» SPAMfighter News - 21-02-2007