Threat Center Security News No patch seen yet for hole in TrendMicro
No patch seen yet for hole in TrendMicro Print E-mail
Written by Rebecca Mints   
Wednesday, 08 April 2009 01:07

 One of the world's biggest anti-virus companies Trend Micro has admitted in its advisory that the patch for a recently discovered vulnerability is yet to be developed and cautioned users about what has been tagged as a “boundary-condition error” triggered by the flaw.

TrendMicro owns PC-cillin Internet Security and the free online anti-virus scanner HouseCall.

An attacker calling himself “bl@ckeYe” has made a proof of concept exploit code that can bore through the vulnerability found in both the standard and professional edition of TrendMicro Internet Security or TIS.

SecurityFocus describes the flaw as a boundary-condition error located in the 2.52.0.1002 version of the tmactmon.sys or the activity monitor module of TIS.

Positive Technologies, a Russian security company claims that they have discovered the flaw way ahead of time before the attacker posted the exploit code but claims that TrendMicro has ignored their information.

"The IOCTL handler in tmactmon.sys uses the METHOD_NEITHER communication method for IOCTLs and does not properly validate buffer data associated with the Irp object, which allows local users to gain SYSTEM privilieges,"TrendMicro explained in its security advisory.

Mitigation efforts are now underway and Softpedia is reportedly helping out the company to patch the flaw at the soonest time.

 

 

WTW Threat Level