Summary
Trend Micro has been notified of a product vulnerability in TIM.
According to the report, certain files/scripts present in TIM's web interface are vulnerable to arbitrary file reading. In addition, the password of the "admin" account is written in plain text in one of the installation log files.
These vulnerabilities indicate that the system password may be more easily uncovered by attackers, and would then allow them to remotely control TIM.
Details
Trend Micro has released TIM 1.0 Patch 5 to address this vulnerability.
After installing the patch, the vulnerable files will be removed and/or replaced with updated, non-vulnerable versions.
The patch installer may be downloaded from Trend Micro Download Center.
