[SECURITY ISSUE FIX] “DoubleAgent”: DLL Injection Potential Security Issue in Trend Micro Security 2017 Process using MS Verifier Provider DLL [CVE-2017-5565]

  • Solution ID: 1116958
  • Last Updated: Apr. 17, 2017 11:50 PM (PST)
  • Applies to: Antivirus+ Security - 2017;Internet Security - 2017;Maximum Security - 2017;Premium Security - 2017;
  • SECURITY ISSUE FIX: “DoubleAgent” 0-day: DLL Injection Vulnerability in Trend Micro Security 2017 Process using MS Verifier Provider DLL

Release Date: March 22, 2017

CVE: 2017-5565

Platform(s): Windows OS

Summary:

Trend Micro has released an update which helps Trend Micro defend against an OS-level security issue that could potentially be exploited in Trend Micro Security 2017 when someone with administrative user rights attempts to inject a DLL to a Trend Micro process by taking advantage of Microsoft’s Standard Application Verifier Provider DLL.

This potential security issue has been dubbed “DoubleAgent” and is said to affect anti-malware products from multiple vendors. Due to the seriousness of this issue, Trend Micro recommends that users of the latest versions of Trend Micro Security update their security software as soon as possible.

Affected version(s):

Trend Micro Premium Security 2017
Trend Micro Maximum Security 2017
Trend Micro Internet Security 2017
Trend Micro Antivirus+ Security 2017


Solution:

As of March 30, 2017, the resolution for this issue is now available from Trend Micro's ActiveUpdate server. Trend Micro Security 2017 customers will receive the fix on the next scheduled update or manually download it by clicking > About the Software on the main console. The latest version is 11.1.1045.

References: