Published:2025/07/04  Last Updated:2025/07/04

JVNVU#94870570
Windows shortcut following (.LNK) vulnerability in Trend Micro Security for Windows (CVE-2025-52521)

Overview

Trend Micro Incorporated has released a security update for Trend Micro Security for Windows.

Products Affected

  • Trend Micro Security for Windows versions prior to 17.8.1476

Description

Trend Micro Incorporated has released a security update for Trend Micro Security for Windows (CVE-2025-52521).

Impact

  • Arbitrary files or folders may be deleted due to a windows shortcut following (.LNK) vulnerability (CWE-64, CVE-2025-52521)

Solution

Update the software
Update the software to the latest version.
According to the developer, the update is automatically applied via ActiveUpdate.

References

JPCERT/CC Addendum

Vulnerability Analysis by JPCERT/CC

Credit

Trend Micro Incorporated reported this vulnerability to JPCERT/CC to notify users of its solution through JVN.

Other Information

JPCERT Alert
JPCERT Reports
CERT Advisory
CPNI Advisory
TRnotes
CVE
JVN iPedia