Zero-Day Advisory
Fortinet Discovers Trend Micro Security Products Security Bypass Vulnerability
Summary
Fortinet's FortiGuard Labs has discovered Security Bypass vulnerability in multiple Trend Micro security products.
Fortinet discovered some malware are manipulating VizorUniclient.dll, one of Trend Micro's product DLL components, to exclude the malware's specified file path from Trend Micro Security's real-time or on-demand scanning.
Solutions
Users should apply the solution provided by Trend Micro.
Additional Information
Following products and versions are affected.
 Premium Security 10.0.1186 and below
 Maximum Security 10.0.1186 and below
 Internet Security 10.0.1186 and below
 Antivirus + Security 10.0.1186 and below
Timeline
Fortinet reported the vulnerability to Trend Micro on March 18, 2016.
Trend Micro confirmed the vulnerability on April 13, 2016.