Business Daily Media

Men's Weekly

.

Trend Micro ZDI Surpasses 1000 Published Advisories in 1H 2023 In Continued Commitment to Coordinated Disclosure

Security leader to announce critical Microsoft zero-days at Black Hat USA 2023

HONG KONG SAR - Media OutReach - 18 August 2023 - Trend Micro (TYO: 4704; TSE: 4704), a global cybersecurity leader, announced at Black Hat USA 2023 that its Zero Day Initiative program has published advisories addressing over 1000 unique vulnerabilities in 2023.

The real-world impact if these vulnerabilities were to be weaponized would amount to time and financial losses of over 10 times the cost of prevention.

"Our proactive investment of millions each year into vulnerability research and purchases saves billions in recovery for both our customers and the industry as a whole," said Kevin Simzer, COO at Trend. "A concerning trend is being documented of companies lacking transparency around vulnerability disclosure vendor patching, which pose a threat to the security of the digital world."

Today, Trend is calling for an end to silent patching – the practice of slowing or diluting public disclosure and documentation of vulnerabilities and patches. It is a major roadblock to fighting cybercrime but is all too common among major vendors and cloud providers.

During a session at Black Hat USA 2023, Trend Research representatives revealed that silent patching has become particularly common among cloud providers. Companies are more frequently refraining from assigning a Common Vulnerabilities and Exposures (CVE) ID for public documentation and are instead privately issuing patches.

The lack of transparency or version numbers for cloud services hinders risk assessment and deprives the wider security community of valuable information for enhancing overall ecosystem security.

At last year's Black Hat event, Trend warned of a growing number of incomplete or faulty patches and an increasing reluctance among vendors to deliver authoritative information on patches in plain language. The gap has since worsened, with some companies deprioritizing patching altogether, leaving their customers and industries exposed to unnecessary and increasing risk.

Urgent action is needed to prioritize patching, address vulnerabilities and foster collaboration among researchers, cybersecurity vendors and cloud service providers to fortify cloud-based services and protect users from potential risks.

Trend is committed to transparent vulnerability patching and aims to enhance security postures industry-wide through its Zero Day Initiative program. Through its commitment to transparent disclosure, Trend's ZDI issued today advisories on several zero-day vulnerabilities including:

ZDI-CAN-20784 Github (CVSS 9.9)

  • This vulnerability allows remote attackers to escalate privileges on affected installations of Microsoft GitHub. Authentication is required to exploit this vulnerability
  • The flaw exists within the configuration of Dev-Containers. The application does not enforce the privileged flag within a dev container configuration. An attacker can leverage this vulnerability to escalate privileges and execute code in the context of the hypervisor

ZDI-CAN-20771 Microsoft Azure (CVSS 4.4)

  • This vulnerability allows remote attackers to disclose sensitive information on Microsoft Azure. An attacker must first obtain the ability to execute high-privileged code on the target environment in order to exploit this vulnerability
  • The flaw exists within the handling of certificates. The issue results from the exposure of a resource to the wrong control sphere. An attacker can leverage this vulnerability to disclose stored credentials, leading to further compromise.

For a full list of advisories published by Trend Micro's ZDI, visit: https://www.zerodayinitiative.com/advisories/published/

Trend Micro's ZDI pioneered the vulnerability marketplace with a focus on disrupting attackers by legitimately purchasing vulnerability research that can then be disclosed to affected vendors to address before the information is made public.

Hashtag: #trendmicro #ZDI #cybersecurity #cloudsecurity



The issuer is solely responsible for the content of this announcement.

About Trend Micro

Trend Micro, a global cybersecurity leader, helps make the world safe for exchanging digital information. Fueled by decades of security expertise, global threat research, and continuous innovation, Trend Micro's cybersecurity platform protects hundreds of thousands of organizations and millions of individuals across clouds, networks, devices, and endpoints. As a leader in cloud and enterprise cybersecurity, the platform delivers a powerful range of advanced threat defense techniques optimized for environments like AWS, Microsoft, and Google, and central visibility for better, faster detection and response. With 7,500+ employees across 70 countries, Trend Micro enables organizations to simplify and secure their connected world.

News from Asia

SUNRATE Secures Payment Business Licence In China

SINGAPORE - Media OutReach Newswire - 15 August 2025 - SUNRATE, the global payment and treasury management platform, today announced it has secured a payment business licence in China following it...

China UnionPay’s Poetry POS Machine Campaign Starts Global Heart-Warming Journey in Thailand

BANGKOK, THAILAND - Media OutReach Newswire - 15 August 2025 - Recently, alongside a Chinese lantern festival held in Thailand, UnionPay's Poetry POS Machine public welfare initiative brought the ...

GWM Brazil Plant Officially Opens with President Lula in Attendance

Iracemápolis, São Paulo - Media OutReach Newswire - 16 August 2025 - In the early hours of August 16 (Beijing time), GWM's Brazil plant officially commenced operations, marked by a grand ceremony ...

HOPE Foundation and Taiwan’s Top Lung Cancer Experts Call for Seamless Integration of Early Screening, Precision Diagnostics, and Early Treatment

TAIPEI, TAIWAN - Media OutReach Newswire - 16 August 2025 - Lung cancer continues to be the leading cause of cancer-related deaths worldwide. Yet, progress is within reach. In Taiwan, thanks to th...

From Differentiation to Emotional Connection: 180 Brand Talk 6.0 Returns to Help Brands Win Hearts

Many SMEs start by asking how to make customers choose their brand. But the real question is—if customers don't like a brand, there's no reason for them to choose it...

Philosophy Studio Partners with OWAY to Introduce Customised Detox Rituals and Scalp Treatments in Singapore

SINGAPORE - Media OutReach Newswire - 18 August 2025 – Philosophy Studio, a leading hair studio in Singapore dedicated to holistic and sustainable beauty, proudly announces its partnership with It...

VinFast Philippines honored at the 2025 Legacy Awards for Business

MANILA, PHILIPPINES - Media OutReach Newswire - 18 August 2025 - VinFast Philippines has been honored at the 2025 Legacy Awards for Business in the category of "Excellence in Strategic Mobility In...

PROPEL with Singlife Champions Excellence in Financial Advisory as Sponsor of 10th Asia Trusted Life Agents & Advisers Awards 2025

Sponsorship in line with its vision of empowering financial advisory firms and progressing the industrySINGAPORE - Media OutReach Newswire - 18 August 2025 - PROPEL with Singlife, the one-stop ...

The 2nd Hohhot International Sculpture Art Exhibition: Using Sculpture to Bridge China and the World

HOHHOT, CHINA - Media OutReach Newswire - 12 August 2025 - The 2nd Hohhot International Sculpture Art Exhibition has opened at the Hohhot Sculpture Art Museum, showcasing 95 works by 80 artists fr...

Henan Meets SCO: Anyang Receives Acclaim from Media and Think Tank Guests

ANYANG, CHINA - Media OutReach Newswire - 29 July 2025 - From July 23 to 27, the Shanghai Cooperation Organization Media and Think Tank Summit was held in Henan Province. During this event, guests...

Portable Monitors for Coding and Programming Students

Today, coding and programming require more focus and efficiency. But, the most essential thing it demands is ample screen space. Students can stru...

Beyond the Banks: Why Agility and Tech Integration Are Defining the Future of Lending in Australia

In Australia’s evolving credit landscape, non-bank lenders are no longer merely filling gaps left by traditional institutions; they are actively r...

Carma appoints Owen Wilson as Chair of the Board

Carma’s next phase of growth to be guided by REA Group’s outgoing CEO who oversaw realestate.com.au rise to be Australia's #1 place for property ...

Digital Upgrade to Boost Efficiency Across Tasmanian Ports

TasPorts is undertaking a multimillion-dollar digital transformation that will improve efficiency, and enable smarter, more sustainable operations a...

Simplifying ecommerce integrations: How to streamline your setup without the stress

In today’s fast-moving retail world, having an ecommerce presence isn’t optional. Platforms like Shopify, WooCommerce, and Squarespace have lowered...

Shop Small Returns to Back the Small Businesses Supporting Local Communities

The annual Shop Small movement by American Express is returning for its 13th year in Australia to galvanise support for the country’s vibrant smal...

Sell by LayBy