Trend Micro has fixed a critical zero-day vulnerability (CVE-2023-41179) in several of its endpoint security products for enterprises that has been spotted being exploited in the wild. About CVE-2023-41179 The nature of the flaw hasn’t been revealed, but we know it’s present in the third-party AV uninstaller module provided with the products, and can be exploited to execute arbitrary code with the system privilege on the PC where a vulnerable security agent is installed.

Source: Help Net Security