Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.
Trend Micro Patches Zero-Day Endpoint Vulnerability
The critical vulnerability involves uninstalling third-party security products and has been used in cyberattacks.
1 Min Read
Source: Sergey Nivens via Adobe Stock
Trend Micro has released an advisory covering a critical zero-day flaw — tracked as CVE-2023-41179 — that affects Apex One, Apex One SaaS, and Worry-Free Business Security.
The vulnerability can be exploited for arbitrary code execution, and it revolves around the "products' ability to uninstall third-party security software."
The advisory, written in Japanese, details how an attacker would need access to a product's administrative console and would have had to have stolen its management console authentication prior to the attack, since the vulnerability can't infiltrate a network on its own.
Trend Micro also noted that this vulnerability has been exploited in the wild, having "confirmed that this vulnerability has been used in actual attacks. We recommend updating to the latest version as soon as possible."
Patches have been released for products impacted by this vulnerability.
About the Author(s)
You May Also Like
More Insights
Webinars
Beyond Spam Filters and Firewalls: Preventing Business Email Compromises in the Modern Enterprise
April 30, 2024Key Findings from the State of AppSec Report 2024
May 7, 2024Is AI Identifying Threats to Your Network?
May 14, 2024Where and Why Threat Intelligence Makes Sense for Your Enterprise Security Strategy
May 15, 2024Safeguarding Political Campaigns: Defending Against Mass Phishing Attacks
May 16, 2024
Events
Black Hat USA - August 3-8 - Learn More
August 3, 2024Cybersecurity's Hottest New Technologies: What You Need To Know
March 21, 2024
