3/14/2024 0 Comments Trend micro housecall review 2015Users should be advised that HouseCall remains installed on computers even after the initial scanning is done, in order to assure faster updating for later such processes. Trend Micro released a hot fix that patched this vulnerability on December 18, in the form of HouseCall 6.6 Hot Fix Build 1285. More specifically, the flaw located in the Housecall_ActiveX.dll control is caused by a use-after-free error, gives an attacker the ability to remotely execute code on the victim machine, if the user is tricked into visiting a page that has a special “notifyOnLoadNative()” callback function embedded into it. The vulnerability discovered by researchers from the Danish security firm lies in the ActiveX engine of the popular online scanner, and can be exploited remotely through a maliciously crafted web page. HouseCall is an online anti-virus scanning service from Trend Micro that is deployed in the form of an ActiveX control to Internet Explorer users, or a Java applet to Firefox and Mozilla Suite ones. If exploited successfully, the bug allows for remote code execution, and the system is completely compromised. The security research company Secunia has released an advisory regarding a highly critical vulnerability that affects Trend Micro's free online HouseCall scanner.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |