informa
/
1 MIN READ
News

'Critical' Trend Micro Flaw Could Cause Crashes

The company reports that a fix for the flaw went out to users in automatic updates earlier this week. The flaw was in the Scan Engine, which is used in many of Trend Micro's products
Trend Micro has warned its users of a "critical" flaw in a wide range of its software products that could cause computers to crash.

Most users should be fine, according to Mike Sweeny, a spokesman for Trend Micro, an antivirus and security software company with global headquarters in Tokyo. A fix for the flaw was included in automatic updates and the software is set to call in for an update at least once a day. Sweeny says users cannot set the updates for any longer period of time than once a day.

"We released it earlier this week so they're already protected," says Sweeny, who adds that they have not seen any exploit code in the wild that exploits the flaw.

The vulnerability is in Trend Micro's Scan Engine, which is a piece of software that's used in many of the company's products, like Trend Micro Internet Security and Trend Micro Office Scan. A corrupted UPX file can cause a buffer overflow and cause the system to crash, according to information on the company's Web site.

The site also says the flaw could enable an attacker to remotely control the system. When questioned, Sweeny said that's not the case.

Sweeny says competing antivirus software firm VeriSign's iDefense team first reported the flaw.

Editor's Choice
Mary E. Shacklett, President of Transworld Data
James M. Connolly, Contributing Editor and Writer