Malwarebytes Anti-Exploit Upgrade Mechanism Vulnerable to MitM Attacks

  • 13 December 2014

By Eduard Kovacs on December 12, 2014
 
The upgrade mechanism in older versions of Malwarebytes Anti-Malware and Malwarebytes Anti-Exploit is plagued by a vulnerability that can be exploited to load malicious code on affected systems.
The bug (CVE-2014-4936) was identified by Yonathan Klijnsma, a researcher with Netherlands-based security firm Fox-IT. The vulnerability affects the consumer versions of Malwarebytes Anti-Malware 2.0.2 and earlier, and Malwarebytes Anti-Exploit 1.03 and earlier. Business versions are not impacted.
According to Klijnsma, affected versions of Malwarebytes Anti-Exploit and Malwarebytes Anti-Malware are upgraded over an HTTP connection and they don't use a proper package validation system to ensure that updates are legitimate. Because the application doesn't verify the installer, an attacker can serve any Windows PE file and it will get executed with full administrative privileges on the victim's system.
Both solutions are affected by the flaw because they rely on the same process. The only difference is in the requests for checking the version and getting the update.
 
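The two checks the article says the updater lacked (authenticated transport and package validation) can be sketched as a gate that runs before any downloaded installer is executed. This is an added example, not Malwarebytes' code or its actual fix; the function name `Test-UpdatePackage`, the URL, the file path and the thumbprint value are hypothetical placeholders.

```powershell
# Added example: refuse to run an update installer unless it arrived over
# HTTPS and carries a valid Authenticode signature from the expected publisher.
function Test-UpdatePackage {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory)] [uri]    $SourceUrl,          # where the installer came from
        [Parameter(Mandatory)] [string] $InstallerPath,      # downloaded file on disk
        [Parameter(Mandatory)] [string] $ExpectedThumbprint  # pinned publisher cert (placeholder)
    )

    # 1. Plain HTTP lets anyone on the network path substitute the response.
    if ($SourceUrl.Scheme -ne 'https') {
        Write-Warning "Rejected: update URL uses '$($SourceUrl.Scheme)', not https"
        return $false
    }

    if (-not (Test-Path -LiteralPath $InstallerPath -PathType Leaf)) {
        Write-Warning 'Rejected: installer file not found'
        return $false
    }

    # 2. Package validation: the signature must chain to a trusted root and
    #    the file hash must match what was signed (Status = Valid).
    $sig = Get-AuthenticodeSignature -FilePath $InstallerPath
    if ($sig.Status -ne [System.Management.Automation.SignatureStatus]::Valid) {
        Write-Warning "Rejected: signature status is '$($sig.Status)'"
        return $false
    }

    # 3. A valid signature from *any* publisher is not enough; pin the signer.
    #    (Pinning a thumbprint must be updated when the vendor renews its cert.)
    $expected = ($ExpectedThumbprint -replace '\s', '')
    if ($sig.SignerCertificate.Thumbprint -ne $expected) {
        Write-Warning "Rejected: unexpected signer '$($sig.SignerCertificate.Subject)'"
        return $false
    }

    return $true
}

# Constructed usage: an HTTP source is rejected before the file is even inspected.
$ok = Test-UpdatePackage -SourceUrl 'http://updates.example.test/setup.exe' `
                         -InstallerPath (Join-Path $env:TEMP 'setup.exe') `
                         -ExpectedThumbprint '<VENDOR-CERT-THUMBPRINT>'
if (-not $ok) { Write-Output 'Update discarded; installer not executed.' }
```

The file that is verified must be the same file that is then executed, from a location other users cannot write to, otherwise the check can be bypassed between verification and launch.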