Trend Micro patches remote exploitable vulnerabilitiesBest Security Tips offers daily news, information, advices and tips about spyware, adware, viruses, trojans, web vulnerabilities, hackers, other threats    Click here for Free IT - Security Resources! | Register now | Login
   
TIPS NEWS TOOLS DOWNLOADS MALWARE FORUM BOOKS FREE MAGAZINES FREE WEBCASTS & VIDEOS
GFI LANguard - New Version 9 Out Now - Dld 30-day trial! del.icio.us  digg  Furl  NewsVine  Spurl  Blinklist  Ma.gnolia  Reddit  Tailrank  YahooMyWeb 
Best Tips
Improve Security of Send...
F-Secure Internet Securi...
How To Prevent Credit Ca...
Windows Services Attacks
Norton Internet Security...
3 Simple Facebook Securi...
How To Setup LimeWire Fi...
ZoneAlarm Internet Secur...
OWASP PHP Top 5
Your Kid Online - A Few ...
Security Scanner
Security Categories
 1. Adware/Spyware
 2. Antivirus
 3. Firewall
 4. Phishing
 5. Linux Security
 6. Windows Security
 7. Security Incidents
 8. Web Security
 9. P2P Security
Advertise With Us!
Latest Viruses / Threats
Bugtraq: Re: Joomla Component GameQ
2008/12/4 18:16:29
Bugtraq: [ MDVSA-2008:237 ] apache2
2008/12/4 18:16:29
Bugtraq: [USN-687-1] nfs-utils vulnerability
2008/12/4 18:16:29
Bugtraq: iDefense Security Advisory 12.04.08: Sun Java JRE TrueType Font Parsing Integer Overflow Vulnerability
2008/12/4 18:16:29
Mal/Gampass-C
2008/12/4 16:42:07
Downloads
 0.Advanced Audio CD Ripper
 1.Aplus video to Xbox Converter
 2.MediaBatcher Module
 3.Pianito MicroStudio
 4.Creative Design ChartMaker
 5.365 Deep Space Screen Saver
 6.TV Pro 2.0
 7.Witch PIM
 8.SSCP Security Exam Guide + 3 More FREE ...
 9.PL Compiler MYOB Excel
RSS / Atom Feeds
Antivirus : Trend Micro patches remote exploitable vulnerabilities
Posted by Max on 2007/2/23 17:01:33 (887 reads)
Antivirus

Trend Micro has patched vulnerabilities in ServerProtect for Microsoft Windows, NetApp and EMC. It is not the first time when a big security vendor has to pacth it’s own products. The vulnerabilities were remotely exploitable and this is how the exploit could have been succesfuly launched.

An attacker on a local network could exploit the vulnerability by sending a malformed network packet targeting ServerProtect's 'StCommon.dll' component.


Once the exploit has been successfully launched, an attacker could remotely execute code on the compromised server.

Trend Micro has issued a fix for the Windows version of the vulnerability in the support section of its website. The EMC and NetApp versions will not be patched until 19 and 29 March respectively, the company said.

Security firm Secunia noted that the attack had to be carried out on a local network, and rated the vulnerability as 'moderately critical' despite the possibility for remote code execution.

Secunia recommends that users install the patches as soon as they are available.

This is the second time in two weeks that Trend Micro, which makes its money plugging others' security holes, has had to patch vulnerabilities in its own software.

Earlier this month, the company issued a patch for a vulnerability that affected more than 30 of its security products.

Source : PCAuthority




Other articles
2008/12/4 2:24:49 - Google Chrome Browser to Get Security Extensions
2008/12/4 2:04:47 - Practical Guide for Secure Christmas Shopping by Panda Security
2008/12/1 4:01:09 - GFI Releases the Most Advanced Version of GFI LANguard™
2008/12/1 3:46:23 - New From Symantec : Norton AntiVirus 2009 Gaming Edition
2008/11/26 14:25:35 - NEW! FREE IObit Advanced SystemCare Version 3.0
2008/11/26 14:21:32 - Discretix and MontaVista Linux Release DRM Content Protection
2008/11/23 5:41:27 - High School Musical Songs and Videos Used to Infect Unsuspecting Users
2008/11/23 5:18:40 - Beware Microsoft, Free Anti-Virus Is a Hard Taks ! Warns AVG
2008/11/18 16:16:42 - Beware of Increased Identity Theft on Upcoming Black Friday and Cyber Monday
2008/11/18 16:11:38 - Microsoft Plans New FREE Antimalware Product Codename "Morro"

The comments are owned by the poster. We aren't responsible for their content.



 

HOME | NEWS | SECURITY BLOG | TOOLS | DOWNLOADS | SECURITY BOOKS | TIPS | SITEMAP | TERMS AND CONDITIONS | INTERNET SECURITY SEARCH ENGINE | ADVERTISE ON THIS SITE | CONTACT
Jan '08 | Feb '08 | Mar '08 | Apr '08 | May '08 | Jun '08 | Jul '08 | Sep '08 
Best Security Downloads offers 4000+ free and free to try security downloads