Views:

Trend Micro is aware of the disclosure on March 30, 2016, by Tavis Ormandy of Google’s Project Zero team regarding vulnerabilities discovered in Trend Micro Password Manager, a consumer-focused product.

Trend Micro has been working closely with Mr. Ormandy, a well-known and respected researcher, in recent weeks since these potential vulnerabilities were reported under the rules of our standard product vulnerability response process. This process has been in place for several years to address the most critical findings by researchers as quickly and efficiently as possible.


Does Trend Micro offer any protection against this vulnerability?

A mandatory patch addressing the most critical issues was validated by the researcher and automatically pushed to affected Trend Micro Password Manager consumers via Trend Micro’s ActiveUpdate servers.

Since this is automatic, no action is required on the part of the user to receive the update, other than making sure the computer is connected to the Internet.

Most, if not all, users of the product should have the update in place by March 30, 2016.

What Trend Micro products are affected?

This issue only was reported to affect Trend Micro Password Manager.

It is very important to note that there is no evidence that suggests that the proof of concept exploits reported to Trend Micro were ever used publicly.

What if I have additional questions?

Contact our Technical Support for further assistance.

Comments (0)
Add a comment
Home Support

Security Bulletin: Trend Micro Password Manager Chromium Remote Debugger Stub Vulnerability

Trend Micro is aware of the disclosure on March 30, 2016, by Tavis Ormandy of Google’s Project Zero team regarding vulnerabilities discovered in Trend Micro Password Manager, a consumer-focused product.

Trend Micro has been working closely with Mr. Ormandy, a well-known and respected researcher, in recent weeks since these potential vulnerabilities were reported under the rules of our standard product vulnerability response process. This process has been in place for several years to address the most critical findings by researchers as quickly and efficiently as possible.


Does Trend Micro offer any protection against this vulnerability?

A mandatory patch addressing the most critical issues was validated by the researcher and automatically pushed to affected Trend Micro Password Manager consumers via Trend Micro’s ActiveUpdate servers.

Since this is automatic, no action is required on the part of the user to receive the update, other than making sure the computer is connected to the Internet.

Most, if not all, users of the product should have the update in place by March 30, 2016.

What Trend Micro products are affected?

This issue only was reported to affect Trend Micro Password Manager.

It is very important to note that there is no evidence that suggests that the proof of concept exploits reported to Trend Micro were ever used publicly.

What if I have additional questions?

Contact our Technical Support for further assistance.


Was this helpful?

  • It wasn't helpful at all.
  • It was not helpful.
  • Just okay.
  • It was helpful.
  • It was very helpful.
Messenger Icon
Ask Vanessa

Get in touch with our Social Media ambassador and she'll answer your question or issue.

Hi there!  👋

How can we help you today? Click the button below to start chatting with support.

Product Image
Close
Trend Micro Support

Our Support Representative will be with you shortly.

Product Image

Trend Micro Support

Usually replies in a few minutes.

Before we start, kindly fill up the details below:

Please see our privacy policy for more information on how we use your data.