Trend Micro Multiple Products TmComm.sys IOCTL Handler Local Privilege Escalation
High Nessus Plugin ID 24682
SynopsisThe remote Windows host is affected by a local privilege escalation issue.
DescriptionThe version of tmcomm.sys installed on the remote system is affected by a local privilege escalation vulnerability. The issue exists due to insecure permissions on Tmcomm.sys which allows write access to 'everyone' group on the remote system. Successful exploitation of this issue could lead to arbitrary code execution with SYSTEM privileges.
SolutionUpdate the Anti-Rootkit Common Module (RCM) to version 1.600-1052.