Google Researcher Finds Horrific Security Hole in Trend Micro Antivirus

Jan 10th 2016 - by Fix My PC FREE



You install antivirus software because you expect it to protect your computer.

As one Google researcher discovered, antivirus software doesn’t always work that way. A Google researcher named Tavis Ormandy found a horrific security hole in Trend Micro’s antivirus software.

That hole consists of a set of bugs involving Trend Micro’s password manager. This password manager is reportedly extremely insecure: an attacker with the right knowledge of these flaws could steal all the passwords you keep in it, which is the absolute last thing you want a password manager to do.

Worse, they can attack your computer even if you don’t use the password manager. And they can do all of this through an ordinary browser.

Trend Micro Launches on Startup

Trend Micro’s antivirus flaw occurs at startup. The software automatically launches on startup and has a feature that allows for arbitrary code execution within the password manager.

That password manager is reportedly so flawed that it allows for malicious code execution even if users never use the service.

Meanwhile, users who store their passwords within the system could see their passwords exposed to the internet.

The good news is that the passwords are hashed. So even if they’re exposed, it’s not quite as bad as it could be.

The websites to which those passwords belong, however, are stored as plaintext internet domains.

In an example of this flaw, Ormandy demonstrates how he was able to execute Calc.exe remotely from within the browser.

In an angry email to Trend Micro, Ormandy said the following:

“So this means, anyone on the internet can steal all of your passwords completely silently, as well as execute arbitrary code with zero user interaction. I really hope the gravity of this is clear to you, because I’m astonished about this.”

Whew! Go get him, Tavis.

Google Previously Attacked AVG Over Security Holes

Google is going on a bit of a rampage against the antivirus industry as of late.

2 weeks ago, Google attacked AVG Antivirus for breaking Chrome’s security.

In that issue, AVG Web TuneUp was a Chrome extension released onto the Chrome extension store. That extension added numerous JavaScript APIs to Chrome, allowing AVG to “hijack search settings and the New Tab page”, according to the bug report filed by Tavis Ormandy.

Yes, the AVG bug report was filed by the same guy who identified the latest Trend Micro antivirus flaw.

In any case, AVG Web TuneUp fundamentally broke Chrome’s web security platform. This disabled Chrome’s built-in web security for 9 million users.

That’s not the first time AVG had come under fire. Over the last few years, consumers had attacked AVG for installing its AVG SafeSearch toolbar without permission and then selling data collected through that toolbar to advertisers.
