It’s ironic when programs that are meant to protect you from attackers actually open up doors from them. One of Google’s information security engineers discovered a critical flaw in Trend Micro antivirus which would not only have allowed attackers to execute code remotely but would have even let them steal all of your passwords.

Trend Micro’s antivirus product features a password manager that lets users export their passwords to it. The manager has been written in JavaScript and it opens multiple HTTP remote procedure call ports to take care of API requests, explains Tavis Ormandy, the Google security engineer who found the flaws.

Ormandy says that it took him just 30 seconds to find one that accepted remote code execution and he also discovered an API that allowed him to access passwords meant to be kept safe in the password manager. He found a total of 70 APIs that were exposed but didn’t investigate all of them for issues, rather he suggested that Trend Micro hire an external consultancy to go through the code with a fine comb.

He even posted his email exchanges with the company online to show how frustrated he became with Trend Micro because apparently it was not moving fast enough to fix this major flaw. “I really hope the gravity of this is clear to you, because I’m astonished about this,” he wrote in one of those emails.

Christopher Budd, global threat communications manager at Trend Micro has said that it has worked with Ormandy to identify and address vulnerabilities, and that “customers are now getting protections through automatic updates.”

Filed in General. Read more about and . Source: pcworld

Discover more from Ubergizmo

Subscribe now to keep reading and get access to the full archive.

Continue reading