Affected version(s)
Vulnerability Details
| Product | Affected Version(s) | Platform | Languages |
|---|---|---|---|
| Premium Security | 10 (2016) and 8 (2015) | Microsoft Windows | English |
| Maximum Security | 10 (2016) and 8 (2015) | Microsoft Windows | English |
| Internet Security | 10 (2016) and 8 (2015) | Microsoft Windows | English |
| Antivirus + Security | 10 (2016) and 8 (2015) | Microsoft Windows | English |
Solution
Trend Micro has released updated builds of each of the affected products that most customers will automatically download as part of their routine updates beginning on May 9, 2016.
Customers who wish to check for updates sooner may follow the instructions located here, and may verify that they have at least the build number listed below:
| Product | Updated Build | Platform |
|---|---|---|
| All 2016 Trend Micro Security Products (version 10) | 10.0.1265 | Microsoft Windows |
| All 2015 Trend Micro Security Products (version 8) | 8.0.2063 | Microsoft Windows |
This update resolves some vulnerabilities in the Trend Micro Security family of products in which exploitation of these could lead to potential unintended access to files or execution of scripts on local machines in which the surrounding network or environment may have already been compromised due to a malware infection or other hack.
Trend Micro has received no reports nor is aware of any actual attacks against the affected products related to this vulnerability at this time.
Mitigating Factors
None identified. Customers are advised to make sure their product has a proper internet connection to receive the latest updates automatically from Trend Micro.
Acknowledgement
Trend Micro would like to thank Tavis Ormandy of Google Project Zero for responsibly disclosing this issue and working with Trend Micro to help protect our customers.
Need Additional Help?
Customers who have questions are encouraged to contact our Technical Support for further assistance.
