Jump to content

Use Malwarebytes antivirus? Then you should see what Google has found


Recommended Posts

http://cdn.mos.techradar.com/art/internet/Cables/Virus_synapse-470-75.jpg

Be warned that if you use Malwarebytes Anti-Malware, a popular piece of software for combating malware, there are some major vulnerabilities in the program – and these won't be fixed for some time yet.

The security flaws were first discovered by researcher Tavis Ormandy, who is part of Google's Project Zero team that searches out exploits. Ormandy informed Malwarebytes of the vulnerabilities back in November, but now more than three months has passed, the details have been made public (which is Project Zero's policy).

Obviously, that makes these security holes all the more dangerous, as when it comes to malware authors and peddlers, all and sundry are now aware of the issues and can attempt to exploit them.

Apparently, Malwarebytes was able to fix a number of the vulnerabilities pretty much immediately after being told server-side, but patching up the client software is a different and evidently entirely trickier matter.

As it stands, the company says that it is now testing a new version of the client software with the flaws patched, but this won't be released for another three to four weeks, worryingly.

Signature snafu

Ormandy listed four vulnerabilities which affected Malwarebytes Anti-Malware, the principal one being that the program gets its signature updates over HTTP, which could potentially allow a man-in-the-middle attack to be successfully instigated.

In a blog post, Malwarebytes said: "The research seems to indicate that an attacker could use some of the processes described to insert their own code onto a targeted machine. Based on the findings, we believe that this could only be done by targeting one machine at a time. However, this is of sufficient enough a concern that we are seeking to implement a fix."

Note that if you're using the premium (paid-for) version of Malwarebytes Anti-Malware, you can go to settings and enable self-protection, and that will apparently take care of these vulnerabilities. Free users don't have that luxury, unfortunately.

Malwarebytes has apologised, saying: "While these things happen, they shouldn't happen to our users." The company has also initiated its own bug bounty program, in an effort to ferret out further vulnerabilities – something of a PR/damage control move, of course, but certainly a good idea nonetheless.

Malwarebytes certainly isn't alone though, and indeed Tavis Ormandy found a gaping flaw in Trend Micro's antivirus product last month. He's previously exposed other security outfits as well, such as Sophos.

Via: ZDNet




http://rc.feedsportal.com/r/247390449766/u/49/f/415085/c/669/s/4d5b8a37/sc/28/rc/1/rc.img

http://rc.feedsportal.com/r/247390449766/u/49/f/415085/c/669/s/4d5b8a37/sc/28/rc/2/rc.img

http://rc.feedsportal.com/r/247390449766/u/49/f/415085/c/669/s/4d5b8a37/sc/28/rc/3/rc.img

http://da.feedsportal.com/r/247390449766/u/49/f/415085/c/669/s/4d5b8a37/sc/28/a2.imghttp://pi.feedsportal.com/r/247390449766/u/49/f/415085/c/669/s/4d5b8a37/sc/28/a2t.imghttp://rss.feedsportal.com/c/669/f/415085/s/4d5b8a37/sc/28/mf.gifhttp://feeds.feedburner.com/~r/techradar/software-news/~4/L6bvw0z0wng
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...