Bitdefender and Trend Micro, both well-known antivirus companies, have recently patched dangerous vulnerabilities in their software. These bugs, left unfixed, could make users vulnerable to hackers who might access their systems. Administrators and users are encouraged to apply the updates as soon as possible to prevent potential breaches.
Bitdefender’s HTTPS Scanning Issues Expose Users
One of the major issues lies within Bitdefender’s “Total Security” suite. Multiple weaknesses in the way it handles HTTPS scanning allow attackers to perform man-in-the-middle (MITM) attacks. An attacker who exploits these bugs could read the supposedly secure traffic between the user and a website without the user noticing.
There’s a particular flaw (CVE-2023-49570) where the software mistakenly trusts certificates issued by entities that aren’t even authorized to act as certificate authorities. Another issue (CVE-2023-49567) has the product trusting certificates signed with the outdated MD5 and SHA1 hash algorithms, which are weak enough that a forged certificate can pass as genuine. These vulnerabilities open the door to fake certificates slipping through and exposing user data.
Outdated Cryptographic Methods
Bitdefender’s acceptance of older cryptographic methods, such as RIPEMD-160 hashes and DSA-signed certificates, also raises concerns. Flaws like CVE-2023-6057 and CVE-2023-6056 allow certificates that should be treated as untrustworthy to be accepted by the software. This means an attacker can set up fake SSL connections that appear legitimate, potentially leading to data being intercepted.
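The signature-algorithm check that the two paragraphs above describe as missing, as an added illustration (not Bitdefender’s code): a stdlib-only Python walk over a certificate’s DER encoding that pulls out the signatureAlgorithm OID and rejects MD5, SHA1, RIPEMD-160 and DSA-with-SHA1 signatures. The function names and the two fixture certificates (skeletons with an empty tbsCertificate and a dummy signature) are constructed for this example.

```python
# Stdlib-only DER walk: extract a certificate's signatureAlgorithm OID and reject
# the weak algorithms named above. Fixtures are constructed skeletons, not real certs.
WEAK_SIG_OIDS = {                                   # RFC 3279 / Teletrust OIDs
    "1.2.840.113549.1.1.4": "md5WithRSAEncryption",
    "1.2.840.113549.1.1.5": "sha1WithRSAEncryption",
    "1.3.36.3.3.1.2": "rsaSignatureWithRipemd160",
    "1.2.840.10040.4.3": "dsaWithSha1",
}
STRONG_SIG_OIDS = {"1.2.840.113549.1.1.11": "sha256WithRSAEncryption", "1.2.840.10045.4.3.2": "ecdsaWithSHA256"}

def _read_tlv(buf, off):
    """Decode one DER element at off; return (tag, value, offset after it)."""
    tag, length, off = buf[off], buf[off + 1], off + 2
    if length & 0x80:                               # long-form length
        n = length & 0x7F
        length, off = int.from_bytes(buf[off:off + n], "big"), off + n
    return tag, buf[off:off + length], off + length

def _decode_oid(raw):
    arcs, cur = [raw[0] // 40, raw[0] % 40], 0     # first byte packs the first two arcs
    for b in raw[1:]:                               # base-128, high bit = continue
        cur = (cur << 7) | (b & 0x7F)
        if not b & 0x80:
            arcs.append(cur)
            cur = 0
    return ".".join(map(str, arcs))

def signature_algorithm(cert_der):
    """Certificate ::= SEQUENCE { tbsCertificate, signatureAlgorithm, signatureValue }."""
    tag, body, _ = _read_tlv(cert_der, 0)
    if tag != 0x30:
        raise ValueError("certificate is not a DER SEQUENCE")
    _, _, off = _read_tlv(body, 0)                  # skip tbsCertificate
    oid_tag, oid_raw, _ = _read_tlv(_read_tlv(body, off)[1], 0)   # first element of AlgorithmIdentifier
    if oid_tag != 0x06:
        raise ValueError("AlgorithmIdentifier does not start with an OID")
    return _decode_oid(oid_raw)

def check_signature_policy(cert_der):
    """Return (accepted, reason); weak and unrecognised algorithms are both rejected."""
    oid = signature_algorithm(cert_der)
    if oid in WEAK_SIG_OIDS:
        return False, "weak signature algorithm " + WEAK_SIG_OIDS[oid]
    if oid in STRONG_SIG_OIDS:
        return True, STRONG_SIG_OIDS[oid]
    return False, "unrecognised signature algorithm " + oid

# Constructed fixtures: SEQUENCE { SEQUENCE {}, SEQUENCE { OID, NULL }, BIT STRING 00 }
MD5_CERT = bytes.fromhex("3014 3000 300d 0609 2a864886f70d010104 0500 030100")
SHA256_CERT = bytes.fromhex("3014 3000 300d 0609 2a864886f70d01010b 0500 030100")
```

A real validator applies this policy to every certificate in the chain, not just the leaf, and rejects unknown algorithms rather than falling back to trusting them.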
One particularly worrying aspect of Bitdefender’s handling of certificates is that once a user adds a site to the exception list, the product trusts any self-signed certificate for that site from then on. This effectively removes certificate protection for those websites, leaving users open to attack. It seems Bitdefender’s Safepay browser feature doesn’t properly handle this either, exposing financial data during transactions that are meant to be secure.
Trend Micro’s Deep Security Agent Faces Privilege Escalation
In the case of Trend Micro, its “Deep Security Agent” software had a severe flaw (CVE-2024-48903) that could allow attackers to escalate their privileges on a system. An attacker who already has low-level access can exploit it to gain higher privileges and take control of the machine. This problem affects Windows users specifically and poses a serious risk to system security.
Trend Micro addressed this by releasing version 20.0.1-17380 of the Deep Security Agent. Without the update, attackers could easily exploit the issue to manipulate the system without the administrator’s knowledge.
Users Must Act Quickly
Though Bitdefender has applied an automatic update to version 27.0.25.115, which fixes the vulnerabilities, it’s still vital for users and system administrators to ensure the patch has been applied. Trend Micro users, meanwhile, need to manually update their software if the automatic process hasn’t kicked in yet.
These vulnerabilities, rated as high severity, highlight the risks in security software, which, ironically, is designed to protect systems. It remains unknown whether any real-world attacks have already taken advantage of these flaws, but both companies recommend monitoring systems closely for any signs of unusual activity.
Last Updated on November 7, 2024 2:26 pm CET