O***ffice*the Scan is Trend Micro developed a set designed for a network environment of a desktop computer and actions a user end provides instant and comprehensive anti-virus solution. Security company Silent Signal to one researcher in early through the analysis of the OSCE 10.6 sp1, can be found through a series of low-risk vulnerabilities to achieve remote code execution object, the following is a translation of the original:
Analysis of security software security is my favorite area of research: security software intended to protect your system, but can often be ironic to see,it is the attacker open a door open the door. Earlier this year, I stumbled upon Trend Micro's OfficeScan Security Suite(one may not see more of host protection solutions),still some interesting network to use. Since this software looks more complicated with a broad attack surface, I decided to study in depth. Install the 1 0. 6 sp1 trial version, I can clearly tell you, this software is worth study:
- Service components for the actual provision of the host protective function of the client to achieve centralized management, the most by a binary executable file the way to achieve. EXE and. DLL file
- Service end through HTTP self-renewal
- Client in Internet Explorer to install ActiveX plug-in
There might also be other vulnerabilities. Now I want to share found a series of vulnerabilities, the combination can achieve remote code execution, the vulnerability is a logic and/or the like by encrypting the defect, not the standard of the memory corruption and the like. So it seems that the patch even explore whether they counted vulnerabilities seem irrelevant[i]. Through with vendors for several months after the discussion, in accordance with the“HP ODay initiative”of the disclosure policy, I released this report.