Jump to content

Change Mode

Malwarebytes Security Flaws

caintry_boy

By caintry_boy,
in Viruses, Spyware, Adware

 Share

Recommended Posts

Tomk_ Contributor

Tomk_

Posted
Posted

Two things:

  1. This is a bit more than a theoretical flaw. Malicious code injection can be done. MBAM was able to recreate it... but there is no evidence that this flaw has ever been exploited.
  2. Research shows that this flaw can only be exploited on a machine by machine basis. Malicious code cannot be injected that effects everyone who runs MBAM. It can only be accomplished by specifically targeting a specific machine and then the perpetrator would have to interrupt the update in order to inject their code. It sounds to me like it would take a "man in the middle" setup to pull it off.

What I like to see is that MBAM immediately verified the findings when notified and Marcin immediately admitted to the flaw and set to work to fix it. They have already made some corrections, but do not believe it is totally solved yet. The risk is extremely small, but it appears they are serious about fixing it... rather than just saying "Can't fix everything".

Link to comment
Share on other sites
caintry_boy Newbie

caintry_boy

Posted
  • Author
Posted

Two things:

  1. This is a bit more than a theoretical flaw. Malicious code injection can be done. MBAM was able to recreate it... but there is no evidence that this flaw has ever been exploited.
  2. Research shows that this flaw can only be exploited on a machine by machine basis. Malicious code cannot be injected that effects everyone who runs MBAM. It can only be accomplished by specifically targeting a specific machine and then the perpetrator would have to interrupt the update in order to inject their code. It sounds to me like it would take a "man in the middle" setup to pull it off.

What I like to see is that MBAM immediately verified the findings when notified and Marcin immediately admitted to the flaw and set to work to fix it. They have already made some corrections, but do not believe it is totally solved yet. The risk is extremely small, but it appears they are serious about fixing it... rather than just saying "Can't fix everything".

 

:clap: :clap: :clap:

 

 

 

 

:geezer:

Link to comment
Share on other sites
Tomk_ Contributor

Tomk_

Posted
Posted

Sorry Roger. That information isn't going to do you any good. The ability to check that option will be grayed out on the free version. MBAM Free doesn't have "real-time" protection. The self protection module only works with "real-time" protection.

 

As I understand it, what it does is put any MBAM program updates in a quarantine until a scan is ran on it, to protect against some outside source injecting or manipulating the code. Your free version doesn't do automatic updates so I believe that the theory is... nothing is going to update unless you tell it to so your are unlikely to update from some unknown source.

Link to comment
Share on other sites
Tomk_ Contributor

Tomk_

Posted
Posted

You can upgrade your free version with a click of a button in program. I don't think the disk will do anything new for you. What you need is the activation code... and I believe they ask for money for that.

 

For the record, I run the free version also. I'm not really concerned about the "flaw" that is being worked on.

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing
×
×
  • Create New...