
Serious vulnerability discovered in Trend Micro's software

Antivirus software is a must for both businesses and consumers to protect themselves against the myriad of threats online.

However, this software can sometimes offer a backdoor into a user's system that cybercriminals can exploit. Tavis Ormandy, one of Google's information security engineers, recently found such a backdoor in Trend Micro's antivirus software.

Ormandy found bugs in the software which could allow any website to execute code remotely and to steal all of a user's passwords. Trend Micro offers a password manager as part of its antivirus software suite, and it was through this feature that the bug was discovered. Users can store their passwords using the software and are able to export their passwords to it. Trend Micro's password manager is written in JavaScript and has multiple HTTP remote procedure call ports to deal with API requests. Ormandy was able to find one that accepted remote code and an API which granted him access to passwords that had been stored in the password manager. In total, Ormandy was able to discover over 70 APIs that were exposed to the internet.
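The exposure described above is a local HTTP RPC service answering API requests that any website can send. The following added example (not Trend Micro's code or its patch) shows checks such a service can apply before dispatching a call; the port, header name, extension origin and API names are hypothetical.

```javascript
const crypto = require('crypto');

// Hypothetical values for illustration; none come from a real product.
const RPC_PORT = 49152;
const ALLOWED_HOSTS = new Set([`127.0.0.1:${RPC_PORT}`, `localhost:${RPC_PORT}`]);
const ALLOWED_ORIGINS = new Set(['chrome-extension://constructed-extension-id']);
const ALLOWED_RPC = new Set(['getStatus', 'listEntryTitles']); // fixed API names only

// Compare fixed-length digests so timing does not leak how much of the token matched.
function tokensMatch(given, expected) {
  const a = crypto.createHash('sha256').update(String(given)).digest();
  const b = crypto.createHash('sha256').update(String(expected)).digest();
  return crypto.timingSafeEqual(a, b);
}

// req: { method, headers, rpcMethod }. sessionToken is a secret handed only to the local client.
function authorizeRpcRequest(req, sessionToken) {
  const h = req.headers || {};
  if (req.method !== 'POST') return { allowed: false, reason: 'http-method' };
  // A site that rebinds its DNS name to 127.0.0.1 still sends its own name in Host.
  if (!ALLOWED_HOSTS.has(h.host)) return { allowed: false, reason: 'host' };
  // Browsers attach Origin to cross-site POSTs; anything not on the list is refused.
  if (h.origin !== undefined && !ALLOWED_ORIGINS.has(h.origin)) {
    return { allowed: false, reason: 'origin' };
  }
  // An absent Origin proves nothing, so the token is required on every call.
  if (!h['x-rpc-token'] || !tokensMatch(h['x-rpc-token'], sessionToken)) {
    return { allowed: false, reason: 'token' };
  }
  // Dispatch by fixed name only; request content is never evaluated or executed.
  if (!ALLOWED_RPC.has(req.rpcMethod)) return { allowed: false, reason: 'rpc-method' };
  return { allowed: true, reason: 'ok' };
}

// Constructed sample requests: one from the local client, three that must be refused.
function demo() {
  const token = 'constructed-session-token';
  const base = { method: 'POST', rpcMethod: 'getStatus',
    headers: { host: `127.0.0.1:${RPC_PORT}`, 'x-rpc-token': token,
      origin: 'chrome-extension://constructed-extension-id' } };
  const withHeaders = (extra) => ({ ...base, headers: { ...base.headers, ...extra } });
  return [
    base,
    withHeaders({ origin: 'https://untrusted.example' }),
    withHeaders({ host: `untrusted.example:${RPC_PORT}` }),
    { ...base, rpcMethod: 'runCommand' },
  ].map((r) => authorizeRpcRequest(r, token).reason);
}
console.log(demo());
```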

Trend Micro has released an automatic update that will patch the security holes Ormandy found in its antivirus software. In the second half of 2015, dozens of serious vulnerabilities were found in antivirus software from companies including Kaspersky Lab, ESET, Avast, AVG Technologies, Intel Security and Malwarebytes.

It is essential that the companies producing antivirus software take these vulnerabilities seriously and deal with them in a prompt and thorough manner.


Anthony Spadafora
After living and working in South Korea for seven years, Anthony now resides in Houston, Texas where he writes about a variety of technology topics for ITProPortal.