Security Bulletin: Trend Micro Security Kernel Driver Null Pointer Dereference Vulnerability

Release Date: September 8, 2016

Trend Micro Vulnerability Identifier: 2016-0125

Platform(s): Windows OS

Summary

Trend Micro released a new build of the Trend Micro Security family of consumer-focused products. This update resolves vulnerability in the product that could potentially expose kernel debugging information.

Affected version(s)

Solution

Trend Micro has released an update to resolve this issue and customers should receive the update automatically as long as they are connected to the Internet.

Vulnerability Details

This update resolves a vulnerability in one of Trend Micro Security Network Content Inspection drivers. When an attacker triggers a null pointer dereference it would produce a driver fault and BSOD. The resulting exceptions can be used to elevate privileges or leak the kernel debugging information. Such information will be valuable in planning subsequent attacks.

Trend Micro has not received any reports and is not aware of any actual attacks against the affected products related to the Kernel Driver Null Pointer Deference vulnerability at this time.

Mitigating Factors

None identified. Customers are advised to ensure they always have the latest version of the program.

Acknowledgement

Trend Micro would like to thank the following individuals for responsibly reporting this issue and working with Trend Micro to help protect our customers:

• Enrique Elias Nissim
• Jaanus Kp of Clarified Security working with Trend Micro's Zero Day Initiative
• @bee13oy of CloverSec Labs working with Trend Micro's Zero Day Initiative
• Kasif Dekel & Gal Elbaz of Check PointSecurity Research Team

Additional Assistance

Customers who have questions are encouraged to contact Trend Micro Technical Support for further assistance.