Trend Micro Fixes Privilege Escalation Bug in Password Manager


A vulnerability in Trend Micro’s Password Manager could be exploited to run programs with the permissions of the most privileged account on a Windows system.

An attacker already on the computer could exploit the vulnerability to run with SYSTEM privileges an arbitrary, unsigned DLL file within a trusted process.

This would benefit an adversary because they could execute malicious payloads and evade detection.

Trend Micro’s password management tool is available as standalone software and it is also integrated with the vendor’s antivirus versions for consumers Premium and Maximum Security 2019.

Read more…