CoreTechDaily

Critical Security Updates Released for Trend Micro Apex Central: Immediate Action Required

Trend Micro has issued urgent patches for Apex Central to address critical vulnerabilities that allow remote code execution.

Published Jan 12, 2026
Tags:Security PatchTrend MicrovulnerabilityApex Central
Critical Security Updates Released for Trend Micro Apex Central: Immediate Action Required
  • CVE-2025-69258 in Trend Micro Apex Central allowed unauthenticated DLL injection and remote code execution
  • Critical Patch Build 7190 fixes this flaw plus CVE-2025-69259 and CVE-2025-69260
  • Trend Micro urges immediate patching; mitigations like disconnecting systems are only temporary safeguards

Trend Micro has addressed a critical vulnerability in Apex Central (on-premise) that permitted attackers to execute arbitrary code remotely.

Apex Central serves as a self-hosted centralized management platform for enterprise security, enabling organizations to manage Trend Micro endpoint, server, and workload protection products from a single console within their infrastructure.

The vulnerability, identified as CVE-2025-69258, allows attackers to inject DLLs without any interaction from the victim, earning a severity score of 9.8/10 (critical).

Patching and Reviewing Systems

According to a recent security advisory, "A LoadLibraryEX vulnerability in Trend Micro Apex Central could allow an unauthenticated remote attacker to load an attacker-controlled DLL into a key executable, leading to execution of attacker-supplied code under the context of SYSTEM on affected installations."

While temporary mitigations are available, such as disconnecting the system from the internet, Trend Micro emphasizes that applying the patch is the most effective solution.

"In addition to timely application of patches and updated solutions, customers are also advised to review remote access to critical systems and ensure policies and perimeter security are up-to-date," the company stated.

Despite the exploit requiring specific conditions to be met, Trend Micro strongly encourages customers to update to the latest builds as soon as possible.

The vulnerability has been resolved in Critical Patch Build 7190, which also addresses two additional vulnerabilities: CVE-2025-69259 and CVE-2025-69260, both of which can be exploited by unauthenticated attackers.

In mid-June 2025, Trend Micro resolved several critical vulnerabilities, including some in Apex Central. Although there was no evidence of exploitation at that time, the company urged customers to implement the fixes without delay.

Via BleepingComputer

Related Posts

Developers Skeptical of AI Code Yet Often Skip Verification

Jan 12, 2026

Developers Skeptical of AI Code Yet Often Skip Verification

Despite a lack of trust in AI-generated code, many developers admit they do not consistently check it for errors.

OpenAI Introduces New ChatGPT Feature for Job Seekers

Jan 12, 2026

OpenAI Introduces New ChatGPT Feature for Job Seekers

OpenAI is reportedly developing a new Jobs dashboard within ChatGPT to assist users with job hunting, resume building, and upskilling.

Lenovo Yoga Pro 27UD-10: The Ultimate Monitor with Dolby Atmos and 4K Webcam

Jan 12, 2026

Lenovo Yoga Pro 27UD-10: The Ultimate Monitor with Dolby Atmos and 4K Webcam

Discover the Lenovo Yoga Pro 27UD-10, a cutting-edge monitor featuring Dolby Atmos, Dolby Vision, and a detachable 4K webcam, designed for an immersive viewing experience.

BreachForums Data Breach Exposes 324,000 User Accounts

Jan 12, 2026

BreachForums Data Breach Exposes 324,000 User Accounts

A significant data breach at BreachForums has revealed usernames and IP addresses of nearly 324,000 users, though many IPs are not useful for identification.