On October 5, 2016, Trend Micro released OSCE 11.0 SP1 CP 6134 to address a reported vulnerability. The critical patch is now available in the Download Center.
Guest users who do not have the required permissions may be able to change certain OSCE web console settings.
You may download this critical patch via the following links:
Trend Micro would like to thank Adriano Marcio Monteiro for responsibly disclosing this issue and working with Trend Micro to help protect our customers.
It is recommended that you apply this patch. For support assistance, please contact Trend Micro Technical Support.