Actively Exploited Critical Vulnerability in Trend Micro Apex One and Worry-Free Business Security
Vulnerability affects a third party antivirus uninstaller module that is provided with these products
Summary
Vulnerability affects a third party antivirus uninstaller module that is provided with these products
Affected platforms
The following platforms are known to be affected:
Threat details
Introduction
Trend Micro have published a critical security bulletin regarding CVE-2023-41179, a vulnerability affecting a third party antivirus uninstaller module that is provided with Apex One and Worry-Free Business Security. If exploited, this vulnerability could allow an attacker to manipulate the module to execute arbitrary commands on an affected device.
Active exploitation of CVE-2023-41179
Trend Micro have disclosed that they have observed at least one active attempt of exploitation of this vulnerability in the wild.
Remediation advice
Affected organisations are encouraged to review Trend Micro's Critical Security Bulletin and apply the relevant updates.
Definitive source of threat updates
Last edited: 20 September 2023 3:20 pm