Cybersecurity firm Trend Micro has told users to apply a newly released patch for some of its products immediately, as it looks to address a security flaw that’s being abused in the wild to deliver malware.
In a security bulletin, the company said it released a fix for Apex One (version 2019 - on-premise), Apex One as a Service and Agent version 14.0.12637, Worry-Free Business Security (version 10.0. SP1), and Worry-Free Business Security Services (SaaS), and urged users to apply it immediately.
The patch fixes a vulnerability tracked as CVE-2023-41179, a high-severity flaw (9.1 on CVSS) affecting the third-party antivirus uninstaller module that comes bundled with the software. The flaw would “allow an attacker to manipulate the module to execute arbitrary commands on an affected installation,” Trend Micro said.
Abused in the wild
The company also noted that in order to exploit this flaw, the threat actor must first get administrative console access on the target endpoint. Still, the threat seems to be real, as Trend Micro said it "observed at least one active attempt of potential exploitation of this vulnerability in the wild." For organizations that are unable to apply the patch immediately, the workaround is to limit access to the product administration console to trusted networks, only.
“However, even though an exploit may require several specific conditions to be met, Trend Micro strongly encourages customers to update to the latest builds as soon as possible,” the security pros concluded.
Unfortunately, Trend Micro did not share any more details about the observed attack attempt - namely who the potential victim was, in which industry it operates, or its size. We also don’t know who the attackers were, but we have asked Trend Micro and will update the article if we hear back from them.
For now, the best way to stay safe is to always update all software and hardware, and have state-of-the-art endpoint protection or firewalls installed.
More from TechRadar Pro
- Google Ads are being hijacked to serve up dangerous malware
- Here's a list of the best endpoint protection services
- Looking for a good firewall? Here are the best firewalls right now
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.