SECURITY BULLETIN: Trend Micro Security Kernel Driver Null Pointer Dereference Vulnerability

  • Solution ID:1115282
  • Last Updated:Jan. 09, 2019 1:07 AM (PST)
  • Applies to:Antivirus+ Security - 2015, 2016;Internet Security - 2015, Internet Security - 2016;Maximum Security - 2015, Maximum Security - 2016;Premium Security - 2015, Premium Security - 2016;Titanium AntiVirus + - All;Titanium Internet Security - All;Titanium Maximum Security - All;Titanium Premium Security - All;
  • SECURITY BULLETIN: Trend Micro Security Kernel Driver Null Pointer Dereference Vulnerability
Release Date: September 8, 2016
Trend Micro Vulnerability Identifier: 2016-0125
Platform(s): Windows OS
 
Summary:
Trend Micro released a new build of the Trend Micro Security family of consumer-focused products. This update resolves vulnerability in the product that could potentially expose kernel debugging information.
Affected version(s)
ProductAffected Version(s)PlatformLanguage(s)
Premium Security 10.0.1186 and below Microsoft Windows English
Maximum Security 10.0.1186 and below Microsoft Windows English
Internet Security 10.0.1186 and below Microsoft Windows English
Antivirus + Security 10.0.1186 and below Microsoft Windows English

Solution
Trend Micro has released an update to resolve this issue and customers should receive the update automatically as long as they are connected to the Internet.
 
Product VersionsUpdate BuildPlatform
All 2016 Trend Micro Security Products (version 10) 10.0.1288 Windows OS
 
Vulnerability Details
This update resolves a vulnerability in one of Trend Micro Security Network Content Inspection drivers. When an attacker triggers a null pointer dereference it would produce a driver fault and BSOD. The resulting exceptions can be used to elevate privileges or leak the kernel debugging information. Such information will be valuable in planning subsequent attacks.
Trend Micro has not received any reports and is not aware of any actual attacks against the affected products related to the Kernel Driver Null Pointer Deference vulnerability at this time.
 
Mitigating Factors
None identified. Customers are advised to ensure they always have the latest version of the program.
 
Acknowledgement
Trend Micro would like to thank the following individuals for responsibly reporting this issue and working with Trend Micro to help protect our customers:
  • Enrique Elias Nissim
  • Jaanus Kp of Clarified Security working with Trend Micro's Zero Day Initiative
  • @bee13oy of CloverSec Labs  working with Trend Micro's Zero Day Initiative
  • Kasif Dekel & Gal Elbaz of Check PointSecurity Research Team
 
Additional Assistance

Customers who have questions are encouraged to contact Trend Micro Technical Support for further assistance.