Security flaw hits Trend Micro antivirus; allows remote code execution
Anti virus vendor Trend Micro is warning users against a potentially serious vulnerability that exists in more than 30 of its security applications.
If the vulnerability is exploited, the company said that an attacker could remotely install and execute code or cause a system crash resulting in the infamous Windows "blue screen of death."
The problem exists in the Trend Micro Scan Engine, a core component of the company's anti-virus applications. When the Scan Engine encounters a certain type of malformed .exe file, it triggers a denial of service (DoS) crash. The DoS can then either be used to remotely install and execute malware code.