Security News Bitdefender and Trend Micro security software patched after critical vulnerabilities exposed

Gandalf_The_Grey

Level 82
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
7,189
In the past ten days, Trend Micro and Bitdefender have released blog posts urging customers to update their security software due to Local Privilege Escalation and Man-In-The-Middle (MITM) vulnerabilities, respectively [h/t Heise]. There are six related CVEs listed on their sites, five relating to Bitdefender Total Security and one for Trend Micro Deep Security Agent, and all advise updating to more recent releases. Bitdefender Total Security users are advised to be on product version 27.025.115 or newer, attainable through auto-update, and Trend Micro Deep Security Agent users are advised to update to or download product version 20.0.1-17380.

Of the two companies, Bitdefender seems to have had to patch more vulnerabilities than Trend Micro, though all five are targeted at MITM vulnerabilities in some way. Man In The Middle vulnerabilities allow for the interception and alteration of communications between users and given sites, allowing false pages and certificates to appear legitimate.

Bitdefender's HTTPS scanning functionality was failing to verify certificates across five key scenarios properly: certificates lacking "Server Authentication" specs in Extended Key Usage extensions, incorrect checks of site certificates using MD5 and SHA1 collision hash functions, trust of unauthorized entities who exploit the "Basic Constraints" certificate extension, and improper trust of both certificates using the DSA signature algorithm and self-signed certificates, in general.

That said, Local Privilege Escalation is also quite a major cybersecurity issue, even if Trend Micro is addressing just one relevant vulnerability. Local Privilege Escalation refers to standard users gaining admin or system-level access, and Trend Micro's gap came about as a result of insufficient authentication controls, which doesn't sound like a great issue for software called Deep Security Agent.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top