Trendmicroの企業向けウイルスバスターCorpにおいて、Webからダウンロードする際に使うActiveXに脆弱性があるそうです。

A vulnerability has been identified in OfficeScan Corporate Edition, which could be exploited by attackers to take complete control of an affected system. This issue is due to a buffer overflow error in the web deployment ActiveX control when handling malformed arguments passed to certain methods, which could be exploited by remote attackers to execute arbitrary commands by tricking a user into visiting a specially crafted web page.

パッチがあるそうです適用しましょう。

Solution

Apply patch for osce version 7.0 :
http://www.trendmicro.com/ftp/products/patches/osce_70_win_en_securitypatch_b1344.exe
Apply patch for osce version 7.3 :
http://www.trendmicro.com/ftp/products/patches/osce_73_win_en_securitypatch_b1241.exe

関連URL

• FrSIRT - Trend Micro OfficeScan Web Deployment ActiveX Remote Code Execution Vulnerability / Exploit