I. Description:

Trend Micro has become aware of an issue that affects some versions of Trend Micro OfficeScan (OSCE) whereby a remote user could cause a buffer overflow and execute arbitrary code in the context of the currently logged-in user.

II. Products Affected:

This issue affects the following Trend Micro products and versions:

• Trend Micro OfficeScan (OSCE) versions 7.0, 7.3, and 8.0
• Trend Micro Worry-Free Business Security (WFBS) version 5.0
• Trend Micro Client Server Messaging Security (CSM) versions 3.5 and 3.6

Note: The following products are not affected by this vulnerability as the fix has already been integrated with the product build.

- OfficeScan version 8.0 SP1 Patch 4 or later
- OfficeScan versions 10 and 10 SP1
- Worry-Free Business Security (WFBS) version 5.1 or later
- Worry-Free Business Security (WFBS) versions 6.0 and 6.0 SP1

III. Background:

The OfficeScan Web Console uses several ActiveX controls when deploying the product through its Web interface. One of these controls, objRemoveCtrl, has been found to be vulnerable to a stack-based buffer overflow when embedded in a web page. An attacker could exploit this issue by enticing a victim into viewing a malicious web page. A successful exploit would allow attacker-supplied code to run in the context of the currently logged-in user.

IV. Impact:

An attacker who entices a user into visiting a malicious web page could exploit this issue and execute arbitrary code with that user’s privileges.
Please note that only clients that were installed via the Web console would be vulnerable due to the downloaded ActiveX control. Clients installed via other methods would not be affected.

V. Workaround:

A temporary workaround has been identified for this issue. Administrators may set the kill bit to prevent the objRemoveCtrl control from running in Internet Explorer.

For more information, please read the following information from Microsoft:
How to stop an ActiveX control from running in Internet Explorer

VI. Permanent Solution:

| |
To address this issue, Trend Micro has released the following patches for the affected products and versions as listed below:

• Trend Micro OfficeScan 7.0 Critical Patch - Build 1395 Server and Client Module
• Trend Micro OfficeScan 7.3 Critical Patch - Build 1355 Server and Client Module
• Trend Micro OfficeScan 8.0 Critical Patch - Build 1347 Server and Client Module
• Trend Micro OfficeScan 8.0 Service Pack 1 Critical Patch - Build 2392 Server and Client Module
• Trend Micro OfficeScan 8.0 Service Pack 1 Patch 1 Critical Patch - Build 3034 Server and Client
• Worry-Free Business Security 5.0 - Client/Server Security Agent Critical Patch - Build 1400
• Trend Micro Client Server Messaging Security 3.5 Critical Patch - Build 1167 Server and Client
• Trend Micro Client Server Messaging Security 3.6 Critical Patch - Build 1190 Server and Client

If you are still having error messages after this latest update, please contact your local Trend Micro Technical Support for additional assistance.