All versions of DataArmor and DriveArmor
Background and Impact:
Successful exploitation of this vulnerability could allow an attacker to modify limited cached data related to user authentication and gain access to the DataArmor recovery console.
- Any unauthorized changes made due to this vulnerability would be overwritten the next time a device receives a policy update from the PolicyServer.
- To exploit this vulnerability an individual would need local access to a machine and have a valid user name and password for the device.
• DataArmor 3.0.10 or greater
• DriveArmor 3.0.0 or greater
To address this vulnerability, Trend Micro has developed and tested new installers for DataArmor and DriveArmor and an update patch for DataArmor. These product updates and new installers will be made available to all active clients regardless of support or maintenance end dates.
- New Installers - new DataArmor SP7g x86 and x64 installs are delivered in build 220.127.116.111 available for download effective January 20, 2012.
- The only supported upgrade path for the DataArmor SP7g update is via SMS (or other push method) or by manually running the executable locally on a client PC.
- A reboot is required after application of the update to restart the Mobile Sentinel service
- x86 DataArmor patch – the DataArmor SP7g x86 update is available for download effective January 20, 2012.
- x64 DataArmor Patch - the DataArmor SP7g x64 update patch is currently in development and scheduled for release by Friday, January 27, 2012.
- New DriveArmor x86/x64 installs are delivered in build 18.104.22.1689 available for download effective January 20, 2012.
- The DriveArmor upgrade process is to uninstall and reinstall the product.
- This process can be scripted and pushed or executed manually.
This vulnerability was reported to Trend Micro by Stuart Passé from NGS Secure.
Downloading the New Trend Micro Endpoint Encryption Software
All Trend Micro Endpoint Encryption software download requests must be logged for tracking purposes as this technology is export-controlled by the US Government.
Pre-established customer-approved technical contacts will be sent an email on 20 January 2012 with a secure download link for the new software.
All other customers may request the new Trend Micro Endpoint Encryption software by selecting from the appropriate link below and opening a service request: