Security News > 2023 > September > Trend Micro Releases Urgent Fix for Actively Exploited Critical Security Vulnerability
2023-09-20 05:28
Cybersecurity company Trend Micro has released patches and hotfixes to address a critical security flaw in Apex One and Worry-Free Business Security solutions for Windows that has been actively exploited in real-world attacks. Tracked as CVE-2023-41179 (CVSS score: 9.1), it relates to a third-party antivirus uninstaller module that's bundled along with the software. The complete list of impacted
News URL
https://thehackernews.com/2023/09/trend-micro-releases-urgent-fix-for.html
Related news
- Week in review: Vulnerability allows Yubico security keys cloning, Patch Tuesday forecast (source)
- GitLab warns of critical pipeline execution vulnerability (source)
- SolarWinds Issues Patch for Critical ARM Vulnerability Enabling RCE Attacks (source)
- 80% of Critical National Infrastructure Companies Experienced an Email Security Breach in Last Year (source)
- Critical Ivanti Cloud Appliance Vulnerability Exploited in Active Cyberattacks (source)
- MFA bypass becomes a critical security issue as ransomware tactics advance (source)
- CISA Flags Critical Ivanti vTM Vulnerability Amid Active Exploitation Concerns (source)
- PoC for critical SolarWinds Web Help Desk vulnerability released (CVE-2024-28987) (source)
- HPE patches three critical security holes in Aruba PAPI (source)
- Critical NVIDIA Container Toolkit Vulnerability Could Grant Full Host Access to Attackers (source)
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-09-19 | CVE-2023-41179 | Unspecified vulnerability in Trendmicro products A vulnerability in the 3rd party AV uninstaller module contained in Trend Micro Apex One (on-prem and SaaS), Worry-Free Business Security and Worry-Free Business Security Services could allow an attacker to manipulate the module to execute arbitrary commands on an affected installation. Note that an attacker must first obtain administrative console access on the target system in order to exploit this vulnerability. | 7.2 |