Views:

Release Date: May 06, 2024

Trend Micro Vulnerability Identifier: CVE-2024-34456

Platform(s): Mac OS

Summary

Trend Micro has released a new version of Trend Micro Antivirus One. This update addresses a vulnerability that previously allowed to inject a custom dynamic library (dylib) into the Antivirus One application, allowing the execution of malicious code within the application's context..

Affected version(s)

PRODUCT AFFECTED VERSION(S) PLATFORM LANGUAGE(S)
Antivirus One Version 3.10.3 and below Macintosh English

Solution

PRODUCT UPDATED VERSION(S) PLATFORM LANGUAGE(S)
Antivirus One Version 3.10.4 Macintosh English

Vulnerability Details

Trend Micro Antivirus One, version 3.10.3 and below is vulnerable to a custom dynamic library injection, which could allow an attacker to potentially insert malicious code into the application’s context.

Trend Micro has received no reports nor is aware of any actual attacks against the affected products related to this vulnerability at this time.

Mitigating Factors

None identified. Customers are advised to ensure they always have the latest version of the program.

Acknowledgement

Trend Micro would like to thank Raffaele Sabato for responsibly disclosing this issue and working with Trend Micro to help protect our customers.

Additional Assistance

Customers who have questions are encouraged to contact Trend Micro Technical Support for further assistance.

Add a comment