Trend Micro Anti-Threat Toolkit Remote Code Exec 0day
Trend Micro Anti-Threat Toolkit (ATTK) will load and execute arbitrary .EXE files if a malware author happens to use the vulnerable naming convention of "cmd.exe" or "regedit.exe" and the malware can be placed in the vacinity of the ATTK when a scan is launched by the end user. Since the ATTK is signed by verified publisher and therefore assumed trusted any MOTW security warnings are bypassed if the malware was internet downloaded, also it can become a persistence mechanism as each time the Anti-Threat Toolkit is run so can an attackers malware. http://hyp3rlinx.altervista.org/advisories/TREND-MICRO-ANTI-THREAT-TOOLKIT-(ATTK)-REMOTE-CODE-EXECUTION.txt Note: If video blurry change quality to HD in settings.
Trend Micro Anti-Threat Toolkit (ATTK) will load and execute arbitrary .EXE files if a malware author happens to use the vulnerable naming convention of "cmd.exe" or "regedit.exe" and the malware can be placed in the vacinity of the ATTK when a scan is launched by the end user. Since the ATTK is signed by verified publisher and therefore assumed trusted any MOTW security warnings are bypassed if the malware was internet downloaded, also it can become a persistence mechanism as each time the Anti-Threat Toolkit is run so can an attackers malware. http://hyp3rlinx.altervista.org/advisories/TREND-MICRO-ANTI-THREAT-TOOLKIT-(ATTK)-REMOTE-CODE-EXECUTION.txt Note: If video blurry change quality to HD in settings.