NewsTechonologyTrending News

Trend Micro users told to update and patch now – here’s why

Cybersecurity firm Trend Micro has told users to apply a newly released patch for some of its products immediately, as it looks to address a security flaw that’s being abused in the wild to deliver malware

In a security bulletin, the company said it released a fix for Apex One (version 2019 – on-premise), Apex One as a Service and Agent version 14.0.12637, Worry-Free Business Security (version 10.0. SP1), and Worry-Free Business Security Services (SaaS), and urged users to apply it immediately.

The patch fixes a vulnerability tracked as CVE-2023-41179, a high-severity flaw (9.1 on CVSS) affecting the third-party antivirus uninstaller module that comes bundled with the software. The flaw would “allow an attacker to manipulate the module to execute arbitrary commands on an affected installation,” Trend Micro said.

Abused in the wild

The company also noted that in order to exploit this flaw, the threat actor must first get administrative console access on the target endpoint. Still, the threat seems to be real, as Trend Micro said it “observed at least one active attempt of potential exploitation of this vulnerability in the wild.” For organizations that are unable to apply the patch immediately, the workaround is to limit access to the product administration console to trusted networks, only. 

“However, even though an exploit may require several specific conditions to be met, Trend Micro strongly encourages customers to update to the latest builds as soon as possible,” the security pros concluded.

Unfortunately, Trend Micro did not share any more details about the observed attack attempt – namely who the potential victim was, in which industry it operates, or its size. We also don’t know who the attackers were, but we have asked Trend Micro and will update the article if we hear back from them. 

For now, the best way to stay safe is to always update all software and hardware, and have state-of-the-art endpoint protection or firewalls installed. 

More from TechRadar Pro

More blog post here