JVNVU#95625951: Trend Micro Antivirus for Mac vulnerable to Local Privilege Escalation

Overview

Trend Micro Incorporated has released a security update for Trend Micro Antivirus for Mac.

Products Affected

Trend Micro Antivirus for Mac version 11.8.1283 and earlier

Description

Trend Micro Incorporated has released a security update for Trend Micro Antivirus for Mac.

Impact

An unprivileged user may gain root access by exploiting a leftover file after uninstallation.
For more information, refer to the information provided by the developer.

Solution

Update the software
Update the software to the latest version.
According to the developer, the update is automatically applied via ActiveUpdate.

Vendor Status

Vendor	Link
Trend Micro Incorporated	Security Bulletin: Uninstallation Flaw in Trend Micro Antivirus for Mac Enables Local Privilege Escalation

References

JPCERT/CC Addendum

Vulnerability Analysis by JPCERT/CC

Credit

Trend Micro Incorporated reported this vulnerability to JPCERT/CC to notify users of its solution through JVN.

Other Information

JPCERT Alert
JPCERT Reports
CERT Advisory
CPNI Advisory
TRnotes
CVE
JVN iPedia

JVNVU#95625951 Trend Micro Antivirus for Mac vulnerable to Local Privilege Escalation