Take the pledge to vote

For a better tommorow#AajSawaroApnaKal
  • I agree to receive emails from News18

  • I promise to vote in this year's elections no matter what the odds are.
  • Please check above checkbox.

    SUBMIT

Thank you for
taking the pledge

Vote responsibly as each vote counts
and makes a diffrence

Disclaimer:

Issued in public interest by HDFC Life. HDFC Life Insurance Company Limited (Formerly HDFC Standard Life Insurance Company Limited) (“HDFC Life”). CIN: L65110MH2000PLC128245, IRDAI Reg. No. 101 . The name/letters "HDFC" in the name/logo of the company belongs to Housing Development Finance Corporation Limited ("HDFC Limited") and is used by HDFC Life under an agreement entered into with HDFC Limited. ARN EU/04/19/13618
»
1-min read

Trend Micro Fixes Password Manager Flaw that Allowed Malicious Files to Load

Discovered by cybersecurity research firm SafeBreach, the Trend Micro Password Manager's vulnerability could have led to repeated loading of malicious files.

Shouvik Das | News18.com@distantvicinity

Updated:August 14, 2019, 8:50 PM IST
facebookTwitterskypewhatsapp
Trend Micro Fixes Password Manager Flaw that Allowed Malicious Files to Load
Discovered by cybersecurity research firm SafeBreach, the Trend Micro Password Manager's vulnerability could have led to repeated loading of malicious files.
Loading...

Trend Micro has announced the rolling out of a patch for a vulnerability that could have allowed users with malicious intentions to load arbitrary DLL files into the system, hence infecting PCs and disrupting usage. Through this flaw, attackers could have cashed in on the DLL hijacking vulnerability, which made use of the Trend Micro Password Manager's deep-level escalated system access.

In simpler words, given that the Trend Micro Password Manager had high level access to Windows system files, the vulnerability would have allowed attackers to insert an infected DLL file into the system during booting. This, in turn, would allow attackers to host ransomware attacks on PCs by infecting file systems or locking them down. The breach was discovered and disclosed by cybersecurity research firm SafeBreach, which then informed Trend Micro of the vulnerability. The latter subsequently released patch notes earlier today, under identifier CVE-2019-14684 and 14687.

The DLL hijacking vulnerability affected all versions of the Password Manager tool, including the standalone app, and as part of both Premium Security and Maximum Security suites. The cybersecurity software vendor has further disclosed that it did not see any known report of the vulnerability being taken advantage of, and both SafeBreach and Trend Micro have stated that attackers would have needed physical access to a vulnerable device to exploit this, which significantly reduces the chances of infection.

The update for the vulnerability mentioned above has already been released, and given that most antivirus software automatically updates themselves, should have already been patched on systems that were vulnerable through it. For full details on the vulnerability, read SafeBreach's case report here.

Get the best of News18 delivered to your inbox - subscribe to News18 Daybreak. Follow News18.com on Twitter, Instagram, Facebook, TikTok and on YouTube, and stay in the know with what's happening in the world around you – in real time.

Subscribe to Moneycontrol Pro and gain access to curated markets data, trading recommendations, equity analysis, investment ideas, insights from market gurus and much more. Get Moneycontrol PRO for 1 year at price of 3 months. Use code FREEDOM.

| Edited by: ---
Read full article
Loading...
Next Story
Next Story

Also Watch

facebookTwitterskypewhatsapp

Live TV

Loading...
Countdown To Elections Results
To Assembly Elections 2018 Results