Hotfix for Trend Micro antispyware hole
- — 22 August, 2007 22:45
Trend Micro has released a hotfix that patches a security hole in its consumer antivirus and antispyware tools -- PC-cillin Internet Security 2007, and Trend Micro Anti-Spyware for Consumer 3.5.
The affected software runs on Windows 2000 Professional Edition Service Pack 4 (SP4), Windows XP SP1, Windows XP SP2, and Windows Vista.
According to Trend Micro, the hole was found in its SSAPI anti-spyware engine. Like many critical holes we see, this is another so-called "buffer overflow" error condition vulnerability. The trick is to create an overly long file name path to trigger the buffer overflow.
This looks like it might be a tad difficult for a black hatter to take advantage of because the attacker would already need to have the ability to create a local file or a file on an accessible network share. Additionally, according to researchers at security vendor Secunia, you would also need to have the anti-spyware engine's Venus Spy Trap feature turned on.
Note that this hole was reported by security vendor iDefense and to date there have been no exploits or attacks in the wild taking advantage of the flaw.
Trend Micro offers a hotfix and further information, and says there will be a formal patch available via Trend Micro's ActiveUpdate servers on September 10, 2007.