MBAE Exploit CVE-2014-4936 - Sure It Is Patched?

Discussion in 'other anti-malware software' started by itman, Feb 23, 2015.

Thread Status:
Not open for further replies.
  1. itman

    itman Registered Member

    Ref: http://www.securityweek.com/malwarebytes-anti-exploit-upgrade-mechanism-vulnerable-mitm-attacks.

    I know I am going to subject myself to unrelenting attacks by the MBAE fanboys but I decided to let it rip anyway. Guess I am a masochist at heart ...............

    Two weeks ago I downloaded the recent free ver. of MBAE from the MalwareBytes web site. I then proceeded to do some testing, etc. with it. During those two weeks, I had two instances of strange WIN 7 firewall inbound blocked activity at cold boot time. Blocked DNS plus a couple of inbound IPs for TCP port 80/443. Didn't think a lot about it although I had never previously seen that type of firewall activity.

    Then on the cold boot of 2/20, all hell ripped loose. I had 19 blocked inbound TCP 80/443 requests from IP 54.83.10.61 aka stats.mbamupdates.com, also 9 inbound blocked TCP 80/443 from 69.16.175.10 aka the infamous CNet crapserver farm, and a splattering of blocked DNS from my Norton DNS servers.

    I immediately uninstalled MBAE and scrubbed all traces of it from my PC. I have not had any strange blocked inbound firewall activity since.

    Let it rip, boys ..........................
     
  2. JRViejo

    JRViejo Global Moderator

    Already Posted. Please Search First. Thank You!
     