Some of the biggest antivirus software providers around today have warned users to update their platforms immediately to stay safe from worrying security threats.
Bitdefender and Trend Micro have both released high severity notices to update after Man-in-the-Middle and Local Privilege Escalation vulnerabilities were found to be leaving customers exposed.
In total, six Common Vulnerabilities and Exposures (CVEs) were listed, five relating to Bitdefender and one for Trend Micro Deep Security Agent - users of Bitdefender Total Security have been advised to use version 27.025.115 or newer to protect themselves, and Trend Micro Deep Security Agent users are advised to be on product version 20.0.1-17380.
Keep up to date
Although Trend Micro is only addressing one vulnerability, it is a serious cybersecurity issue - as Local Privilege Escalation means standard users can gain system-level access, stemming from insufficient control over authentication processes.
The five vulnerabilities patched by Bitdefender stemmed from the HTTPS scanning function, which failed in proper certificate verification. This could allow threat actors to intercept the communications between users and sites by inserting themselves into internet connections in a ‘Man-in-the-middle’ attack.
Cyberattacks have become more frequent since the pandemic, and CVE is expected to grow 25% this year - which means roughly 2,900 new vulnerabilities per month. Shockingly though, around 45% of all CVEs reported in 2023 were unpatched, leaving users exposed.
Security flaws happen, and they’re always going to. The best thing you can do to keep your systems and your business safe is to patch as soon as you can and ensure you run the newest version of your software to mitigate the risks.
Via Heise