Actively exploited Trend Micro DLL hijacking bug addressed

Trend Micro has addressed a Trend Micro Security DLL hijacking vulnerability, which has been actively exploited by Chinese threat group Moshen Dragon, BleepingComputer reports. "For Trend Micro Security (Consumer), a fix was deployed via Trend Micro's ActiveUpdate (AU) on May 19, 2022, and any user with an active internet connection should receive the update shortly if they have not yet already received it," said Trend Micro. The patch comes after Sentinel Labs reported earlier this month about Moshen Dragon's efforts to exploit similar flaws in McAfee, Kaspersky, Bitdefender, and Symantec security offerings to facilitate the deployment of the Impacket Python kit, which was then used to drop the ShadowPad and PlugX backdoors, in attacks against Central Asian telecommunications providers. However, Bitdefender Senior Director for Global Public Relations Steve Fiore noted that its devices have not been impacted by the DLL hijacking attacks. "... [W]e have no information pertaining to our installed product being compromised by the threat actor, our customers and partners are protected from privilege escalation in this campaign," Fiore said.