JVNDB-2022-001800

Installer of Trend Micro HouseCall for Home Networks may insecurely load Dynamic Link Libraries

Trend Micro Incorporated has released a security update for HouseCall for Home Networks.

Trend Micro Incorporated reported this vulnerability to JPCERT/CC to notify users of the solution through JVN.

Trend Micro, Inc.

• HouseCall for Home Networks (for Windows) Versions 5.3.1302 and earlier

Installer of Trend Micro HouseCall for Home Networks contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. As a result, arbitrary code may be executed with the administrative privilege of the system.
For more information, refer to the information provided by the developer.

[Use the latest installer]
Use the latest installer provided by the developer.
Users who already have installed the software do not need to re-install, because this issue affects the installers only.

Trend Micro, Inc.

• Trend Micro : Security Bulletin: Trend Micro HouseCall for Home Networks Uncontrolled Search Path Element Privilege Escalation Vulnerability

1. CVE-2022-28339

1. JVN : JVNVU#93434935
2. JVN : JVNTA#91240916

• [2022/05/13]
    Web page was published