Malwarebytes Vulnerability


  1. Posts : 1,026
    Win10 Version 21H2 19044.1645
       #1

    Malwarebytes Vulnerability


    A security vulnerability has been discovered and patched in the Malwarebytes antivirus for Windows, as COSIG (Centre Opérationnel de Sécurité Informatique Gouvernemental) is reporting.
    The discovery was made by Francis Provencher, a member of the COSIG research & pentesting team based in Quebec, Canada.
    According to Mr. Provencher, the vulnerability is triggered "when a malformed executable with an invalid integer (-1) in the 'SizeOfRawData' in UPX section is parsed by [the] Malwarebytes [antivirus]."
    This leads to a memory corruption on the user's computer, which in turn exposes the system to situations where arbitrary code can be executed by an attacker leveraging this issue.
    A memory corruption occurs when the content of a memory location is unintentionally modified by programming errors, or in this case, by malicious code.
    Mr. Provencher and COSIG reported the issue to Malwarebytes Corporation, the company behind Malwarebytes Anti-Malware (MBAM), the antivirus solution where the vulnerability was discovered.
    Malwarebytes, a company that has entered the antivirus market in 2008 and has gained quite a reputation in the meantime, responded to the finding and issued a security patch for its product in no more than two days.
    Proof of concept code is available on GitHub and via the Protek Research Lab website.
    "A vulnerability in Malwarebytes Anti-Malware 2.2.0 was reported to us by an independent researcher," a Malwarebytes spokesperson told Softpedia. "A fix was released two days after it was reported to us and we have seen no evidence it has ever been used in the wild. We work closely with external researchers, and are grateful for the opportunity to improve our products."
    http://news.softpedia.com/news/secur...s-497329.shtml
      My Computer


  2. Posts : 824
    Win10/64 Pro 1511 (and 2 Win 7/64 Ult & Pro systems)
       #2

    Hi:

    I'm not qualified to address the veracity of the claims made in the article.
    I'll defer to others with more security expertise.
    A security vulnerability has been discovered and patched in the Malwarebytes antivirus for Windows,
    I will, however, say that I am immediately skeptical of its accuracy, given the fact that that Malwarebytes Anti-Malware (MBAM) is not, was not and never has been an "antivirus for Windows".
    It is a specialized anti-malware application designed to run alongside an antivirus.

    This article explains in more detail: Does Malwarebytes Anti-Malware replace antivirus software?


    Cheers,
    MM
      My Computer


  3. Posts : 1,026
    Win10 Version 21H2 19044.1645
    Thread Starter
       #3

    Semantics.

    Malwarebytes admits the vulnerability in the last paragraph. Point is Malwarebytes, like all security software, is not perfect.
      My Computer


  4. Posts : 824
    Win10/64 Pro 1511 (and 2 Win 7/64 Ult & Pro systems)
       #4

    True.
    I hope the researchers are better at their security job than they are at nomenclature.

    Thankfully, the vulnerability was fixed several days ago.

    Cheers,

    MM
      My Computer


 

  Related Discussions
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 20:37.
Find Us




Windows 10 Forums