Release Date: April 15, 2024

CVE Vulnerability Identifier: CVE-2024-32849

Platform(s): Microsoft Windows

CVSSv3 Scores:7.8: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H


Trend Micro has released an update via ActiveUpdate for the Trend Micro Security for Windows family of consumer products which resolves a Privilege Escalation Vulnerability by updating the libraries in version 17.7 or higher of the software.

Affected version(s)

Trend Micro Maximum Security17.7Microsoft WindowsEnglish


Trend Micro Maximum SecurityVersion 17.7 or higherMicrosoft WindowsEnglish

Vulnerability Details

Trend Micro Security 17.7 (Consumer) is vulnerable to a Privilege Escalation vulnerability that could allow a local attacker to unintentionally delete privileged Trend Micro files including its own.

Trend Micro has received no reports nor is aware of any actual attacks against the affected product related to this vulnerability at this time.

Mitigating Factors

It is recommended to install the latest version and download the most recent AU.


Trend Micro would like to thank Nicholas Zubrisky and Michael DePlante (@izobashi) of Trend Micro’s Zero Day Initiative (ZDI) for responsibly disclosing this issue and working with Trend Micro to help protect our customers.

Additional Assistance

Customers who have questions are encouraged to contact Trend Micro Technical Support for further assistance.

External Reference

  • ZDI-CAN-22269
Comments (0)
Add a comment