Multiple Trend Micro Products CVE-2019-18190 Arbitrary Code Execution Vulnerability

Description

Multiple Trend Micro Products are prone to an arbitrary code-execution vulnerability. An attacker can leverage this issue to crash the affected application or execute arbitrary code in the context of the affected application.

Technologies Affected

• Trend Micro Antivirus+ Security 16.0
• Trend Micro Internet Security 16.0
• Trend Micro Maximum Security 16.0
• Trend Micro Premium Security 16.0

Recommendations

Permit local access for trusted individuals only. Where possible, use restricted environments and restricted shells.
Allow only trusted individuals to have user accounts and local access to the resources.

Block external access at the network boundary, unless external parties require service.
If global access isn’t needed, filter access to the affected computer at the network boundary. Restricting access to only trusted computers and networks might greatly reduce the likelihood of successful exploits.

Run all software as a nonprivileged user with minimal access rights.
To reduce the impact of latent vulnerabilities, always run nonadministrative software as an unprivileged user with minimal access rights.

Implement multiple redundant layers of security.
Since this issue may be leveraged to execute code, we recommend memory-protection schemes, such as non-executable stack/heap configurations and randomly mapped memory segments. This tactic may complicate exploits of memory-corruption vulnerabilities.

Updates are available. Please see the references or vendor advisory for more information.