MBAE Exploit CVE-2014-4936 - Sure It Is Patched?

Ref: http://www.securityweek.com/malwarebytes-anti-exploit-upgrade-mechanism-vulnerable-mitm-attacks.

I know I am going to subject myself to unrelenting attacks by the MBAE fanboys but I decided to let it rip anyway. Guess I am a masochist at heart ...............

Two weeks I downloaded the recent free ver. of MBAE from the MalwareBytes web site. I then proceeded to do some testing, etc. with it. During those two weeks, I had two instances of strange WIN 7 firewall inbound blocked activity at cold boot time. Blocked DNS plus a couple of inbound IPs for TCP port 80/443. Didn't think a lot about it although I had never previously seen that type of firewall activity.

Then on the cold boot of 2/20, all hell ripped loose. I had 19 blocked inbound TCP 80/443 request from IP 54.83.10.61 aka stats.mbamupdates.com, also 9 inbound blocked TCP 80/443 from 69.16.175.10 aka the infamous CNet crapserver farm, and a splattering of blocked DNS from my Norton DNS servers.

I immediately uninstalled MBAE and scrubbed all traces of it from my PC. I have not had any strange blocked inbound firewall activity since.

Let it rip, boys ..........................