The first build that TrendMicro sent over to Tavis Ormandy for verification fixed one of the major issues of the program (the use of ShellExecute), but that did not take care of other issues spotted during the rough examination of the code.

An easy way to do that (tested on Windows 7), would be to auto-download a zip file containing an HTA file, and then invoke it

Hey, just wanted to check if there's any update here? This is trivially exploitable and discoverable in the default install, and obviously wormable - in my opinion, you should be paging people to get this fixed.

FWIW, it's even possible to bypass MOTW, and spawn commands without any prompts whatsoever.

In a reply to an employee of TrendMicro, Ormandy added the following information:

This means any website can launch arbitrary commands

It took about 30 seconds to spot one that permits arbitrary command execution, openUrlInDefaultBrowser, which eventually maps to ShellExecute().

This product is primarily written in JavaScript with node.js, and opens multiple HTTP RPC ports for handling API requests.

According to Ormandy, the Password Manager component is the culprit this time. It is installed automatically with TrendMicro Antivirus for Windows and runs on start (it is also available as a standalone program and app).

TrendMicro Password Manager security issue

And now it is Trend Micro that gets shamed openly by Google.

TuneUp, installed with AVG security software or separately, put Chrome users at risk by disabling "web security" for Chrome users who had installed the extension.

AVG produced a fix eventually (it needed two attempts for that; the first was rejected as it was not sufficient).

The company shamed AVG openly in the beginning of January for its Web TuneUp extension for Chrome, as security flaws put the 9 million Chrome users who use it at risk.
"C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe" -enable-dom-distiller -disable-domain-reliability -no-pings -extension-content-verification=enforce_strict -extensions-install-verification=enforce -sync-url= -enable-features=PasswordImport,WebUIDarkMode,SimplifyHttpsIndicator -disable-features=AutofillServerCommunication,AllowPopupsDuringPageUnload,LookalikeUrlNavigationSuggestionsUI,WebXrGamepadModule,NotificationTriggers,AudioServiceOutOfProcess,SmsReceiver,VideoPlaybackQuality,WebXR -flag-switches-begin -flag-switches-end -enable-audio-service-sandbox -disable-webrtc-apm-in-audio-service -disable-sync

C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe

C:\Users\stefan.

It seems that Google is currently investigating security products on Windows, and there especially those that interact with the Chrome web browser or Chromium in one way or the other.

No antivirus messages :)

Reproduces how often:

Brave version (brave://version info)

Brave

This is a screenshot of the warning I received:

And this is what TrendMicro says on the linked website:

Steps to Reproduce

Did not try to reproduce yet, but probably installing Trend Micro Office Scan and Brave should reproduce this

Actual result:

Expected result: