Batu69 Posted December 9, 2015 Share Posted December 9, 2015 Malwarebytes fixes memory corruption issue A security vulnerability has been discovered and patched in the Malwarebytes antivirus for Windows, as COSIG (Centre Opérationnel de Sécurité Informatique Gouvernemental) is reporting. The discovery was made by Francis Provencher, a member of the COSIG research & pentesting team based in Quebec, Canada. According to Mr. Provencher, the vulnerability is triggered "when a malformed executable with an invalid integer (-1) in the 'SizeOfRawData' in UPX section is parsed by [the] Malwarebytes [antivirus]." This leads to a memory corruption on the user's computer, which in turn exposes the system to situations where arbitrary code can be executed by an attacker leveraging this issue. A memory corruption occurs when the content of a memory location is unintentionally modified by programming errors, or in this case, by malicious code. Mr. Provencher and COSIG reported the issue to Malwarebytes Corporation, the company behind Malwarebytes Anti-Malware (MBAM), the antivirus solution where the vulnerability was discovered. Malwarebytes, a company that has entered the antivirus market in 2008 and has gained quite a reputation in the meantime, responded to the finding and issued a security patch for its product in no more than two days. Proof of concept code is available on GitHub and via the Protek Research Lab website. "A vulnerability in Malwarebytes Anti-Malware 2.2.0 was reported to us by an independent researcher," a Malwarebytes spokesperson told Softpedia. "A fix was released two days after it was reported to us and we have seen no evidence it has ever been used in the wild. We work closely with external researchers, and are grateful for the opportunity to improve our products." Quote An other vulnerability find by the COSIG, this time its a critical issue in MalwareBytes Antivirus. POC & Advisory https://t.co/X6NFqTGCgQ — Francis Provencher (@ProtekResearch) December 3, 2015 News source Link to comment Share on other sites More sharing options...
knowledge-Spammer Posted December 9, 2015 Share Posted December 9, 2015 good thing they fixed it fast Link to comment Share on other sites More sharing options...
straycat19 Posted December 9, 2015 Share Posted December 9, 2015 The amazing things about these 'flaws' is always something must happen a certain way at the exact point in time when a hacker is attempting to get into the system. Would you like to know what the probability of that happening is? About 1 in 1,000,000,000,000,000,000,000,000,000,000,000,000,000,000. I have a WinXP computer that has been running for 13 years without a firewall, AV, or any security software on it and it has never been infected with anything. I do scan it occasionally. But it still has 363 updates that it download and are waiting for me to install, which I won't because it is stable, after all, it has been running for 13 years, except for downtime for repairs (new power supply and a hard drive) or when moving. So with all those critical updates missing it still has never been hacked, infected, or anything else. So much for the exploit theory. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.