Alert!

Trend Micro Antivirus One: Code injection possible in macOS scanner

Trend Micro's Antivirus One can be used to inject arbitrary code under macOS due to a vulnerability. An update is available.

This article was originally published in German and has been automatically translated.

Anyone using Trend Micro's Antivirus One on macOS is affected by a security vulnerability in the software. Attackers can use it to execute arbitrary code. Updated software that closes the vulnerability is available.

In a security advisory, Trend Micro's developers warn that in older versions of Trend Micro Antivirus One on Macs, a custom dynamic library could be injected into the antivirus app. This allows attackers to execute malicious code in the context of the antivirus app and therefore with high privileges (CVE-2024-34456, CVSS 8.8 according to CERT-Bund, risk "high").

The programmers at Trend Micro explain that the software is vulnerable up to and including version 3.10.3. The update to version 3.10.4 corrects the underlying error. Trend Micro recommends that users ensure they are using the latest version of the program. If necessary, it helps to run the update check once manually to download and install the fixed software version.
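The version boundary above can be checked across a fleet. The following is an added example, not code from Trend Micro or the original article: it assumes the app's version is recorded under the standard `CFBundleShortVersionString` key of its `Info.plist`, and the host names, bundle identifier and plist contents are constructed samples.

```python
import plistlib
from xml.parsers.expat import ExpatError

FIXED_VERSION = (3, 10, 4)  # first fixed release named in the article

def parse_version(text):
    """Turn '3.10.3' into (3, 10, 3); raises ValueError if a part is not numeric."""
    parts = tuple(int(p) for p in text.strip().split("."))
    return parts + (0,) * (3 - len(parts))  # pad short versions such as '3.10'

def classify(info_plist_bytes):
    """Return 'vulnerable', 'patched' or 'unknown' for one Info.plist."""
    try:
        info = plistlib.loads(info_plist_bytes)
        raw = info.get("CFBundleShortVersionString") if isinstance(info, dict) else None
        if not isinstance(raw, str):
            return "unknown"  # key missing or unexpected type: needs manual review
        version = parse_version(raw)
    except (ValueError, ExpatError):
        return "unknown"  # unreadable plist or non-numeric version string
    return "patched" if version >= FIXED_VERSION else "vulnerable"

def audit(inventory):
    """Map each host to its status; anything not 'patched' needs follow-up."""
    return {host: classify(data) for host, data in inventory.items()}

def _plist(version=None):
    # Constructed sample Info.plist; the bundle identifier is a placeholder.
    body = {"CFBundleIdentifier": "com.example.placeholder"}
    if version is not None:
        body["CFBundleShortVersionString"] = version
    return plistlib.dumps(body)

# Constructed inventory: host names and contents are made up for this example.
SAMPLE_INVENTORY = {
    "mac-01": _plist("3.10.3"),
    "mac-02": _plist("3.10.4"),
    "mac-03": _plist("3.9"),
    "mac-04": _plist(),
    "mac-05": b"not a plist",
    "mac-06": _plist("3.10.4-beta"),
}

if __name__ == "__main__":
    for host, status in audit(SAMPLE_INVENTORY).items():
        print(f"{host}: {status}")
```

Hosts reported as `unknown` are deliberately not treated as patched, so a damaged or unexpected plist leads to a manual check instead of a silent pass.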

The IT security company also adds that it has not yet received any reports that the vulnerability is currently being attacked.

On macOS, dynamic libraries are called dylibs; on Windows they are known as DLLs (Dynamic Link Libraries). DLL injection vulnerabilities are quite common in Windows, but are rarely found in Linux and Unix-like operating systems.

Trend Micro recently patched a security vulnerability in the Apex Central security software. This was not successful at the first attempt, which is why the company delivered a second security update at the end of January.

(dmk)