
Google ninjas go public with security holes in Malwarebytes antivirus

4 replies to this topic

#1 JohnC_21


  • Members
  • 24,449 posts
  • Gender:Male
  • Local time:10:17 PM

Posted 02 February 2016 - 10:43 PM

Software biz races to fix bugs everyone now knows: TheRegister

Malwarebytes is rushing to plug security flaws in its software that allow miscreants to sling malware at its customers.

The antivirus firm says it has addressed server-side vulnerabilities that were reported by Google Project Zero researcher Tavis Ormandy in November. However, security holes remain in the client-side software that runs on people's Windows PCs.

These latter vulnerabilities may take up to three weeks to fix and release, although Ormandy has already gone public with details of the holes. Project Zero gives vendors 90 days to fix their broken software before they go fully public. Time's up for Malwarebytes, so now miscreants can start to exploit the reported vulnerabilities:

  • Malwarebytes updates are not signed or downloaded over a secure channel
  • Malwarebytes uses incorrect ACLs allowing trivial privilege escalation
  • TXTREPLACE rules are not context aware, allowing code injection
  • ACTIONs can result in remote code execution





#2 PhotoAce


  • Members
  • 165 posts
  • Gender:Male
  • Location:New Zealand
  • Local time:03:17 PM

Posted 02 February 2016 - 10:53 PM

You could also read this, from Malwarebytes:



#3 MoxieMomma


  • Members
  • 471 posts
  • Local time:08:17 PM

Posted 02 February 2016 - 10:55 PM



EDIT: LOL! Beat me.  Great minds think alike! :wink:


Somewhat old and perhaps misleading news, as the article refers to MBAM as an "antivirus".

MBAM never was and is not an anti-virus.


Also, see this post from the Malwarebytes CEO: https://blog.malwarebytes.org/news/2016/02/malwarebytes-anti-malware-vulnerability-disclosure/


Just sayin',

MM (just a home user unaffiliated with the company in any way)

Edited by MoxieMomma, 02 February 2016 - 10:55 PM.

#4 raw


    Bleeping Hacker

  • Members
  • 2,577 posts
  • Gender:Male
  • Location:Texas
  • Local time:09:17 PM

Posted 02 February 2016 - 11:12 PM

We actually have a member who is affiliated.

Christopher 'paperghost' Boyd




 rawcreations.net          @raw_creations

Current systems: WHAT OS, BackTrack-raw, PCLinuxOS, Peppermint OS 6, Kali Linux

and a custom Linux From Scratch server hosting a bunch of top secret stuff.

#5 quietman7


    Bleepin' Janitor

  • Global Moderator
  • 51,771 posts
  • Gender:Male
  • Location:Virginia, USA
  • Local time:10:17 PM

Posted 03 February 2016 - 07:57 AM

Malwarebytes Bug Bounty and the Coordinated Vulnerability Disclosure Program
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

