Trend Micro: Antivirus FAIL!

Antivirus Tells World To Steal Your Stuff

The worst possible scenario is here. Trend Micro^[1] antivirus has been in the business of selling antivirus software for home, business, and enterprise scale customers since 1989 and they just showcased to the world how to do it all wrong.

If you don’t want the details just follow this recommendation: “Uninstall Trend Micro products. Remove them. Destroy them. Never use them until you hear that they have redeemed themselves.”

• The antivirus software allows any website to run any program on your computer.
•  The antivirus software allows any attacker to steal all of your internet passwords.

Tavis Ormandy, a security researcher at Google, found the problems with the Trend Micro software earlier this month and engaged the company to discuss the problems, of which there are dozens, with them. Their response has been lackluster at best. Some the the exchange between Mr.Ormandy and Trendmicro is documented on a Google security blog here.

There are many technical details which I will not cover here but are available in the blog post linked above. Despite protestations from Trend Micro stating that they issued a patch to fix the problem there remain many vulnerabilities that are unpatched. Security expert Steve Gibson (https://grc.com) has presented a, detailed, technical exposition of the problems on his Security Now podcast episode 542. To paraphrase Mr. Gibson “This needs to be rewritten from the ground up and audited by a third party security software professional”. to quote Mr. Gibson ‘“TrendMicro drastically lowers the bar on "you're doing it wrong"’

Recommendation: DO NOT USE TREND MICRO ANTIVIRUS SOFTWARE FOR THE FORESEEABLE FUTURE.

dssdf