Trend Micro Addresses Zero-Day Flaws Exploited in the Wild

Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary A critical zero-day vulnerability, tracked as CVE-2023-41179, has been identified in the third-party AV uninstaller module contained in Trend Micro Apex One, Worry-Free Business Security, and Worry-Free Business Security Services. This vulnerability has the potential to allow an attacker to manipulate the module and execute arbitrary commands on an affected installation. This is a serious security issue that can lead to unauthorized code execution with system privileges on deployed agents. To receive real-time threat advisories, please follow HiveForce Labs on LinkedIn.