Trend Micro has announced the rolling out of a patch for a vulnerability that could have allowed users with malicious intentions to load arbitrary DLL files into the system, hence infecting PCs and disrupting usage. Through this flaw, attackers could have cashed in on the DLL hijacking vulnerability, which made use of the Trend Micro Password Manager's deep-level escalated system access.
In simpler words, given that the Trend Micro Password Manager had high level access to Windows system files, the vulnerability would have allowed attackers to insert an infected DLL file into the system during booting. This, in turn, would allow attackers to host ransomware attacks on PCs by infecting file systems or locking them down. The breach was discovered and disclosed by cybersecurity research firm SafeBreach, which then informed Trend Micro of the vulnerability. The latter subsequently released patch notes earlier today, under identifier CVE-2019-14684 and 14687.
The DLL hijacking vulnerability affected all versions of the Password Manager tool, including the standalone app, and as part of both Premium Security and Maximum Security suites. The cybersecurity software vendor has further disclosed that it did not see any known report of the vulnerability being taken advantage of, and both SafeBreach and Trend Micro have stated that attackers would have needed physical access to a vulnerable device to exploit this, which significantly reduces the chances of infection.
The update for the vulnerability mentioned above has already been released, and given that most antivirus software automatically updates themselves, should have already been patched on systems that were vulnerable through it. For full details on the vulnerability, read SafeBreach's case report here.
Comments
0 comment