Malwarebytes Anti-Exploit Upgrade Mechanism Vulnerable to MitM Attacks

ronjor · Dec 12, 2014

By Eduard Kovacs on December 12, 2014

The security firm has added Klijnsma's name to its hall of fame, the page where it acknowledges the work of independent researchers who help find and fix flaws in Malwarebytes products.
Click to expand...

http://www.securityweek.com/malwarebytes-anti-exploit-upgrade-mechanism-vulnerable-mitm-attacks

Rasheed187 · Dec 12, 2014

Wow, this is a bit painful, but I always turn off auto update in any app.

Gandalf_The_Grey · Dec 12, 2014

If I read the article correctly the upgrade mechanism was vulnerable but that is no longer the case with the recent builds.

ZeroVulnLabs · Dec 12, 2014

That's correct. It was fixed in MBAE 1.04. So unless you have 1.03 you are not vulnerable. Current version is 1.05.

Circuit · Dec 12, 2014

"The upgrade mechanism in OLDER versions of Malwarebytes Anti-Malware and Malwarebytes Anti-Exploit"

People now do not read more than one line of text , and it was on the first line!

siljaline · Dec 14, 2014

While I can't speak for Malwarebytes Anti-Exploit or MBAE, Malwarebytes Anti-Malware has an internal update mechanism that prevents older versions from being maintained and run.

The current MBAM software is not vulnerable to MitM or Man-in-the-middle attack attacks.

Log in or Sign up

Malwarebytes Anti-Exploit Upgrade Mechanism Vulnerable to MitM Attacks

ronjor Global Moderator

Rasheed187 Registered Member

Gandalf_The_Grey Registered Member

ZeroVulnLabs Developer (aka "pbust")

Circuit Registered Member

siljaline Registered Member

Log in or Sign up

Malwarebytes Anti-Exploit Upgrade Mechanism Vulnerable to MitM Attacks

ronjor Global Moderator

Rasheed187 Registered Member

Gandalf_The_Grey Registered Member

ZeroVulnLabs Developer (aka "pbust")

Circuit Registered Member

siljaline Registered Member

Useful Searches