[Hot Fix] Attackers can exploit Tmtdi.sys to execute an arbitrary code within the kernel

Support
Solution ID Last Updated
1057336 Date : 2014/04/09 Time:7:39 AM , (PST)


Product/Version Platform
Titanium AntiVirus + - 2011;Titanium Internet Security - 2011;Titanium Maximum Security - 2011;Titanium Smart Surfing for PC - 2011;Trend Micro Internet Security - 2009;Trend Micro Internet Security for Dell - 16.6;
Windows - 7 32-bit, 7 64-bit, Vista 32-bit, Vista 64-bit, XP Home, XP Professional

Problem Description

This article shows you what to do when Tmtdi.sys has a potential vulnerability that attackers can use to execute an arbitrary code within the kernel.

Solution

To resolve the issue, do the following steps:
  1. Log in using an account with administrator privileges on the computer where you installed your Trend Micro program.
    Note: If you have installed software on your computer before, then you probably have these privileges.
  2. Download the hot fix to your desktop by clicking your program below:
  3. Unzip the file that you downloaded, then double-click it.
  4. Select I accept the terms of the license agreement, then click Next.
  5. Browse through the readme file, then click Install.
  6. Click Yes when the Module Update window appears.
    The message “Installation successful!” will appear after installing the hot fix.
Note: The hot fix will check if Irp->RequestorMode is on KernelMode to avoid exploitation from the user mode process.


Rate this Solution
Did this article help you?

Please provide your comments to help us improve this solution.

 
  *This form is an automated system. General questions, technical, sales and product-related issues submitted through this form will not be answered.
 
 

Connect with us on