Trend Micro OfficeScan Web Deployment ActiveX Remote Code Execution Vulnerability : Hackers Center : Internet Security Archive: Exploits, Patch, Security Articles, Advisories
Trendmicroの企業向けウイルスバスターCorpにおいて、Webからダウンロードする際に使うActiveXに脆弱性があるそうです。
A vulnerability has been identified in OfficeScan Corporate Edition, which could be exploited by attackers to take complete control of an affected system. This issue is due to a buffer overflow error in the web deployment ActiveX control when handling malformed arguments passed to certain methods, which could be exploited by remote attackers to execute arbitrary commands by tricking a user into visiting a specially crafted web page.
パッチがあるそうです適用しましょう。
Solution
Apply patch for osce version 7.0 :
http://www.trendmicro.com/ftp/products/patches/osce_70_win_en_securitypatch_b1344.exe
Apply patch for osce version 7.3 :
http://www.trendmicro.com/ftp/products/patches/osce_73_win_en_securitypatch_b1241.exe