[Japanese]

JVNDB-2025-008105

Windows shortcut following (.LNK) vulnerability in Trend Micro Security for Windows (CVE-2025-52521)

Overview

Trend Micro Incorporated has released a security update for Trend Micro Security for Windows (CVE-2025-52521).

Trend Micro Incorporated reported this vulnerability to JPCERT/CC to notify users of its solution through JVN.
CVSS Severity (What is CVSS?)

Affected Products


Trend Micro, Inc.
  • Trend Micro Security for Windows versions prior to 17.8.1476

Impact

  • Arbitrary files or folders may be deleted due to a windows shortcut following (.LNK) vulnerability (CWE-64, CVE-2025-52521)
Solution

[Update the software]
Update the software to the latest version.
According to the developer, the update is automatically applied via ActiveUpdate.
Vendor Information

Trend Micro, Inc.
CWE (What is CWE?)

  1. Windows Shortcut Following (.LNK)(CWE-64) [Other]
CVE (What is CVE?)

  1. CVE-2025-52521
References

  1. JVN : JVNVU#94870570
Revision History

  • [2025/07/07]
      Web page was published