Trend Micro · Trend Micro Security · CVE-2009-0686
**Name of the Vulnerable Software and Affected Versions**
Trend Micro Internet Pro versions 2008 and 2009
Trend Micro Security Pro versions 2008 and 2009
**Description**
The issue allows local users to gain privileges through a crafted IRP in a METHOD NEITHER IOCTL request to the Devicetmactmon device, which overwrites memory.
**Recommendations**
For Trend Micro Internet Pro versions 2008 and 2009, update the TrendMicro Activity Monitor Module to a version that is not affected by this issue.
For Trend Micro Security Pro versions 2008 and 2009, update the TrendMicro Activity Monitor Module to a version that is not affected by this issue.