CVE-2022-41744 An Apex One Vulnerability Protection integrated component could allow a local attacker to escalate privileges and turn a specific working directory into a mount point.

Currently, there are no known exploits for this issue. Trend Micro recommends users upgrade to the latest version of Apex One Vulnerability Protection as soon as possible.

For updates, please visit the Trend Micro website. Trend Micro TippingPoint has blocks certain zero-day exploits that target CVE-2014-5333, a vulnerability in the Microsoft Windows Server service that could be exploited to turn a directory on an affected system into a writable location. Trend Micro currently blocks the following exploits: CVE-2014-5333: Microsoft Windows Server Service Remote Code Execution (CVE-2014-5333) CVE-2014-4608: Microsoft Windows Server Service Elevation of Privilege (CVE-2014-4608) CVE-2007-0222: Microsoft Windows File Handling Remote Code Execution (CVE-2007-0222) CVE-2010-1387: Microsoft Windows Service Remote Code Execution (CVE-2010-1387) CVE-2010-0435: Microsoft Windows RPC Remote Code Execution (CVE-2010-0435) CVE-2010-3615: Microsoft Windows RPC Remote Code Execution (CVE-2010-3615) CVE-2010-3617: Microsoft Windows RPC Remote Code Execution (CVE-2010-3617) CVE-2010-3620: Microsoft Windows RPC Remote Code Execution (CVE-2010-3620) CVE-2010-3622: Microsoft Windows RPC Remote Code Execution (CVE-2010-3622) CVE-2013-1918: Microsoft

Updates for CVE-2014-5333

Trend Micro has released updates for the following products that address CVE-2014-5333: Trend Micro Antivirus for Windows Server (Build 10.0.0) Trend Micro Antivirus for Linux Server (Build 1.0.6)
Trend Micro Smart Protection Suites (Build 11.8.1002) Trend Micro OfficeScan Corporate Edition (Build 9.3.3) Trend Micro Endpoint Security Manager (Build 11.8.1002)
To get the update, please log in to your account on www.trendmicro.com and click on the Support tab to access the latest version of your product's software, or follow these steps:
1. Download the file to any location and double-click it to install it on your system 2. Follow all installation prompts 3

Microsoft Office Remote Code Execution Vulnerability

Microsoft Office Remote Code Execution vulnerability CVE-2013-1918. This vulnerability exists in Microsoft Word, Excel, and PowerPoint. We recommend customers upgrade to the latest version of Microsoft Office as soon as possible.
Trend Micro TippingPoint has blocked the following exploits: CVE-2013-1918: Microsoft Office Remote Code Execution (CVE-2013-1918)

File Integrity Check

A file integrity check will tell you if your system has been compromised by an exploit. On the Trend Micro website, under the heading of "File Integrity Check," click the button that says "Check for Infection."
Then, you'll be redirected to a webpage with instructions on how to perform your own file integrity check.

Timeline

Published on: 10/10/2022 21:15:00 UTC
Last modified on: 10/11/2022 20:14:00 UTC

References

• https://success.trendmicro.com/solution/000291645
• https://www.zerodayinitiative.com/advisories/ZDI-22-1404/
• https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-41744