Trend Micro Patches Two Zero-Days Under Attack

  /     /     /  
Publicated : 23/11/2024   Category : security


Trend Micro Patches Two Zero-Days Under Attack


Businesses are urged to update the Apex One and OfficeScan XG enterprise security products as soon as possible.



Trend Micro has issued critical patches for several vulnerabilities in its Apex One and OfficeScan XG enterprise security products. Attackers have tried to exploit at least two of these flaws.
CVE-2020-8467, one of the two zero-days, is a critical remote code execution vulnerability in a migration tool component in Apex One and OfficeScan. This could allow remote attackers to execute arbitrary code in affected installations. The second zero-day, CVE-2020-8468, is a content validation escape flaw that could let an attacker manipulate certain agent client components. Both of these require valid user credentials for exploitation, Trend Micro reports.
In addition to the zero-days, todays updates address three additional vulnerabilities, all of which are critical and do not require user authentication. Trend Micro says it has not observed attempted exploits of CVE-2020-8470, CVE-2020-8598, or CVE-2020-8599 in the wild.
Patches have been deployed for software versions including Apex One (on premise) CP 2117 for Windows, OfficeScan XG SP1 CP 5474 for Windows, and OfficeScan XG CP 1988 for Windows. Businesses are urged to update to the latest version of each product if a new one is available.
Read more details
here
.
Check out
The Edge
, Dark Readings new section for features, threat data, and in-depth perspectives. Todays featured story:
Beyond Burnout: What Is Cybersecurity Doing to Us?


Last News

▸ ArcSight prepares for future at user conference post HP acquisition. ◂
Discovered: 07/01/2025
Category: security

▸ Samsung Epic 4G: First To Use Media Hub ◂
Discovered: 07/01/2025
Category: security

▸ Many third-party software fails security tests ◂
Discovered: 07/01/2025
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
Trend Micro Patches Two Zero-Days Under Attack