Android
Mac & iOS
Network Security
Data & Privacy
Anti Scam and Spam
Browser Protection
One fine body…
Release Date: March 28, 2023
CVE Vulnerability Identifier: CVE-2023-28929
Platform(s): Microsoft Windows
CVSS: 3.1
Scores: 8.6: AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
Severity Rating: Medium
Trend Micro has released an update via ActiveUpdate for the Trend Micro Security for Windows family of consumer products (2021,2022, and 2023) which resolves a DLL hijacking vulnerability.
PRODUCT | AFFECTED VERSION(S) | PLATFORM | LANGUAGE(S) |
---|---|---|---|
Trend Micro Security | 2022/2023 (17.7.1476 and below) | Microsoft Windows | English |
Trend Micro Security | 2021 (17.0.1412 and below) | Microsoft Windows | English |
Trend Micro has released an update via ActiveUpdate for each version below that resolves the issue.
PRODUCT | APPLICABLE VERSION(S) | PLATFORM | LANGUAGE(S) |
---|---|---|---|
Trend Micro Security | 2022/2023 (17.7.1634 and below) | Microsoft Windows | English |
Trend Micro Security | 2021 (17.0.1426 and below) | Microsoft Windows | English |
Trend Micro Security 2021, 2022, and 2023 (Consumer) are vulnerable to a DLL Hijacking vulnerability which could allow an attacker to use a specific executable file as an execution and/or persistence mechanism which could execute a malicious program each time the executable file is started.
Trend Micro has received no reports nor is aware of any actual attacks against the affected product related to this vulnerability at this time.
Trend Micro would like to thank the following individuals for responsibly disclosing the issue and working with Trend Micro to help protect our customers:
Customers who have questions are encouraged to contact Trend Micro Technical Support for further assistance.