Skip to main content

Google’s Project Zero chastised Trend Micro over security vulnerability

posted onJanuary 12, 2016
by l33tdawg

When you pay for security software, you probably hope it’s protecting you — not creating a massive security breach in and of itself. But if you ran Trend Micro’s password manager, enabled by default for all Trend Micro users, any site on the web could have executed any app on your computer just by including a bit of code.

A patch issued today mostly solves the problem. But as Ars Technica reports, that only happened because Google Project Zero team member Tavis Ormandy publicly berated the company.

“I don’t even know what to say — how could you enable this thing by default on all your customer machines without getting an audit from a competent security consultant?” wrote Ormandy in a long email exchange the company has since made public.

Source

Tags

Secuity Google

Recent News

Tuesday, November 14th

Sunday, November 12th

Friday, November 10th

Wednesday, November 8th

Monday, November 6th