Trend Micro fixes endpoint protection zero-day used in attacks


Level 79
Thread author
Honorary Member
Top Poster
Content Creator
Apr 24, 2016
Trend Micro fixed a remote code execution zero-day vulnerability in the Trend Micro's Apex One endpoint protection solution that was actively exploited in attacks.

Apex One is an endpoint security solution catering to businesses of all sizes, and the 'Worry-Free Business Security' suite is designed for small to medium-sized companies.

The arbitrary code execution flaw is tracked as CVE-2023-41179 and has received a severity rating of 9.1 according to CVSS v3, categorizing it as "critical."

The flaw exists in a third-party uninstaller module supplied with the security software.

"Trend Micro has observed at least one active attempt of potential attacks against this vulnerability in the wild," reads the security bulletin.

"Customers are strongly encouraged to update to the latest versions as soon as possible."

The flaw impacts the following products:
  • Trend Micro Apex One 2019
  • Trend Micro Apex One SaaS 2019
  • Worry-Free Business Security (WFBS) 10.0 SP1 (sold as Virus Buster Business Security (Biz) in Japan)
  • Worry-Free Business Security Services (WFBSS) 10.0 SP1 (sold as Virus Buster Business Security Services (VBBSS) in Japan)
Fixes were made available in the following releases:
  • Apex One 2019 Service Pack 1 – Patch 1 (Build 12380)
  • Apex One SaaS 14.0.12637
  • WFBS Patch 2495
  • WFBSS July 31 update
A mitigating factor is that to exploit CVE-2023-41179, the attacker must have previously stolen the product's management console credentials and used them to log in.

"Exploiting these type of vulnerabilities generally require that an attacker has access (physical or remote) to a vulnerable machine," explains Trend Micro.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.