Based on Trend Micro’s analysis of the research, there are certain types of archives containing potentially malicious files that - depending on how they were compressed - may not immediately be flagged as malicious in its compressed state during a manual scan in certain products.
However, based on the samples provided, all the products in question will detect the malicious files upon trying extraction by real-time scanning. Because Trend Micro security products are multi-layered using different technologies, this means the customer is still protected against these malicious files.
Since the threat landscape is constantly evolving, Trend Micro will continue to research new and more effective ways to detect malicious activity as early as possible. We will continue to add new enhancements to our scanning technology as different detection methodologies arise.
Customers should be sure to always be mindful of any file that may have a suspicious or unknown origin using downloading, browsing and email best practices.
Trend Micro would like to thank the following individuals and/or organizations for responsibly disclosing these issues and working with Trend Micro to help protect our customers:
- Thierry Zoller (https://blog.zoller.lu )
Customers who have questions are encouraged to contact Trend Micro Technical Support for further assistance.