Are you Safe Enough? Serious Vulnerability Found in Trend Micro OfficeScan!

It’s so sad to have to, once again, provide you with unpleasant news regarding computer security. It seems that awful vulnerabilities just won’t stop appearing. This time, a serious vulnerability has been found in Trend Micro OfficeScan Client. Not long ago, the security issue was confirmed and refers to version 8.0 SP1 Patch 1. Other versions might be affected as well. This is extremely worrying due to the fact that this particular vulnerability may allow for attackers to create a denial of service attack, in other words, crash a targeted application.

The question that may be asked is: What is Trend Micro OfficeScan Client? This is a powerful antivirus software that protects your system against viruses, spyware, other security threats and Web-based attacks. Trend Micro OfficeScan allows for the control of the antivirus status of all PCs, laptops and servers from a single web based application. It offers systematic ongoing protection.

This particular vulnerability is called the Trend Micro OfficeScan Client Folder Name Denial of Service Vulnerability. Local attackers could exploit this vulnerability in order to terminate the NTRtScan.exe process and temporarily disable the real-time scanning protection by scanning a specially crafted directory including overly long pathnames. By performing such evil actions, malicious users are able to create denial of service attacks, as was mentioned in the first paragraph of this article.

This vulnerability has been rated as low risk. Some of the file components of Trend Micro OfficeScan include but are not limited to the following: svc_au32.exe, tavupdui.exe, tavsvc.exe.

What is the solution to this security issue? It is a question which may be asked by a lot of Trend Micro OfficeScan users. Unfortunately, at this moment there is no patch available to fix this security problem. Therefore, users are highly suggested to tighten up on their security and stay safe.