A vulnerabilities for promotion of authority to a security product for the trend micro

The JPCERT Coordination Center (JPCERT/CC: Japan Computer Emergency Response Team Coodiness Central) is on October 25, "JVNVU#92842857: Acquisition of the right to accept the end of the endpoint for the endpoint for the trend micro corporation."Endpoint security products for companies have discovered a vulnerability of promoted authority and reported that the company has released a security update.According to this vulnerability, it may be an attacking service operation (DOS) attack.

トレンドマイクロの企業向けセキュリティ製品に権限昇格の脆弱性

The information on the relevant vulnerabilities is summarized in the following security advertisements.

If this vulnerability is misused, a third party may be promoted and any file may be created on an affected system.As a result, there is a danger that the service will be rejected.

The affected products and versions are as follows.

APEX ONE 2019, virus buster Corp., Virus Buster Business Security can avoid the impact by applying the modified patch released by the trend micro.The cloud service APEX ONE SaaS and the virus buster business security service have been revised in the September update.