web
You’re offline. This is a read only version of the page.
close
Looking for business support?

Help Center

This website uses cookies for website functionality and traffic analytics. Our Cookie Notice provides more information and explains how to amend your cookie settings.

Learn More Yes, I agree

Security Bulletin: DoubleAgent DLL Injection Potential Security Issue in Trend Micro Security 2017

LAST UPDATED: MAR 22, 2017

Release Date: March 22, 2017

CVE: 2017-5565

Platform(s):Windows

Summary

Trend Micro has released an update which helps Trend Micro defend against an OS-level security issue that could potentially be exploited in Trend Micro Security 2017 when someone with administrative user rights attempts to inject a DLL to a Trend Micro process by taking advantage of Microsoft’s Standard Application Verifier Provider DLL.

This potential security issue has been dubbed “DoubleAgent” and is said to affect anti-malware products from multiple vendors. Due to the seriousness of this issue, Trend Micro recommends that users of Trend Micro Security update their security software as soon as possible.

Affected version

  • Trend Micro Premium Security 2017
  • Trend Micro Maximum Security 2017
  • Trend Micro Internet Security 2017
  • Trend Micro Antivirus+ Security 2017

Solution

As of March 30, 2017, the resolution for this issue is now available from Trend Micro's ActiveUpdate server. Trend Micro Security 2017 customers will receive the fix on the next scheduled update or manually download it by clicking > About the Software on the main console. The latest version is 11.1.1045.

References

Trend Micro Security Bulletin: https://success.trendmicro.com/solution/1116957
CVE Bulletin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5565

Was this article helpful?
STAY SAFE FROM SCAMS!

Discover the latest scam tricks, how to spot them, and how to block them.