Randomdhiraj

**Name of the Vulnerable Software and Affected Versions** Trend Micro Antivirus for Mac 2020 (Consumer) **Description** The issue allows an Internationalized Domain Name homograph attack, also known as a Puny-code attack, to be used for adding a malicious website to the list of approved websites. This can bypass the web threat protection feature. **Recommendations** For Trend Micro Antivirus for Mac 2020 (Consumer), consider restricting access to the feature that allows adding websites to the approved list until a fix is available. As a temporary workaround, manually monitor and verify the approved websites list to prevent malicious additions.

**Name of the Vulnerable Software and Affected Versions** Microsoft Office (affected versions not specified) Microsoft 365 Apps for Enterprise (affected versions not specified) **Description** A remote code execution issue exists due to improper input validation before loading dynamic link library (DLL) files. This can be exploited by an attacker to execute arbitrary code using a specially crafted document. The vulnerability is also related to the use of an unreliable path search. **Recommendations** For Microsoft Office, at the moment, there is no information about a newer version that contains a fix for this vulnerability. For Microsoft 365 Apps for Enterprise, at the moment, there is no information about a newer version that contains a fix for this vulnerability.