Google researcher discovered vulnerabilities in password manager of Trend Micro




Tavis Ormandy of Google’s Project Zero team discovered several vulnerabilities in the password manager of Trend Micro, allowing an attacker could have access to the passwords stored there. It was also possible to execute arbitrary code.

The vulnerability is a remote code execution, which consisted besides the fact that a total of seventy APIs that provide access to the passwords were accessible via the internet. This allows an attacker could execute arbitrary code on a vulnerable machine, and he had access to all the passwords without the user would notice anything about it.

Ormandy claims the bug in less than thirty seconds “Having established. Further, he says that he does not know what to say “about the incident, since the password manager is installed by default with the antivirus software from Trend Micro. The company has released a patch that solves the problems via the automatic update feature, as reports The Register.

It is not the first time that Ormandy discovered critical vulnerabilities in software from other companies, including AVG and ESET. Often this, as in the present case, combined with colorful statements about the severity of the vulnerabilities.


In: A Technology & Gadgets Asked By: [21980 Red Star Level]

Answer this Question

You must be Logged In to post an Answer.

Not a member yet? Sign Up Now »

Star Points Scale

Earn points for Asking and Answering Questions!

Grey Sta Levelr [1 - 25 Grey Star Level]
Green Star Level [26 - 50 Green Star Level]
Blue Star Level [51 - 500 Blue Star Level]
Orange Star Level [501 - 5000 Orange Star Level]
Red Star Level [5001 - 25000 Red Star Level]
Black Star Level [25001+ Black Star Level]