1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Trend Micro flaw could have allowed attacker to steal all passwords

Discussion in 'CSO' started by RSS, Jan 12, 2016.

  1. RSS

    RSS New Member Member

    A discovery by a well-known Google security researcher provides further proof how antivirus programs designed to shield computers from attacks can sometimes provide a doorway for hackers.

    Tavis Ormandy, an information security engineer with Google, wrote he found bugs in Trend Micro's antivirus product that could allow remote code execution by any website and steal all of a users' passwords.

    The security firm has confirmed it has released an automatic update that fixes the problems.

    "As part of our standard vulnerability response process we worked with him to identify and address the vulnerability," wrote Christopher Budd, global threat communications manager at Trend Micro, in an email on Monday. "Customers are now getting protections through automatic updates."

    To read this article in full or to leave a comment, please click here

    Continue reading...
     

Share This Page