What does this mean?
Should I avoid using MalwareBytes until the flaw is fixed?
Can I continue using it and trust that it will be fixed speedily?
Should I look for another reputed (free) anti malware app for now? (If so, any recommendations?)
TX
Regards,
Rudi
If your absence does not affect them, your presence didn't matter.
If - like me - you have the free version, it might be best to avoid using Malwarebytes Anti-Malware until the flaw has been fixed.
The recommended "Self-protection" setting is only available in the paid Pro version.
I find it rather disappointing that they didn't take steps until the flaw was made public, three months after they had been informed of it confidentially...
Many years ago, I relied on Spybot. I abandoned it when it became ever more clunky and slow over time, and I don't know how it fares nowadays, but I might give it a try again.
From what I read there is no real explanation about how this could be exploited. It would seem from the limited description that a bad guy would have to know the exact time you are checking for definition updates to get in between you and Malwarebytes. Malwarebytes said they mitigated some issues on their server side.
As I said though there is no real explanation and if anyone feels uncomfortable using MBAM until the next release by all means leave it be.
I have also installed Spybot and I got an initial error on the updating of definitions. I closed it and a little while after reopened and ran an update again and it went through without error. The paid for version is probably better, but as Hans mentions....its a bit of a stutter start to this product esp. as I'm familiar with the silkiness of MalwareBytes.
Regards,
Rudi
If your absence does not affect them, your presence didn't matter.
Also, Spybot signals a lot of "problems" that aren't problems at all; it would be very difficult for a non-technical user to distinguish between serious problems and superfluous warnings.
I still don't like this program, I'm uninstalling it again.
The scan report was very complicated. It reported that I had 47 issues, many of them made no sense to me.
I'm also going to run it through Revo pretty soon!
Regards,
Rudi
If your absence does not affect them, your presence didn't matter.
Oh, and although I had only installed the free version (anti-spyware but not anti-virus), it disabled my anti-virus program and deleted the nightly scan it had set up. I strongly advise against installing Spybot, regardless of the glowing reviews it gets!
Although that is disappointing, I don't think the flaw poses a serious risk. As JoeP pointed out above, the thread mentions
2. Research shows that this flaw can only be exploited on a machine by machine basis. Malicious code cannot be injected that effects everyone who runs MBAM. It can only be accomplished by specifically targeting a specific machine and then the perpetrator would have to interrupt the update in order to inject their code. It sounds to me like it would take a "man in the middle" setup to pull it off.
This is a very small risk for the free version as that version does not automatically update the software. Manual updates of the free version are unlikely to get malicious code injected if the user is aware enough to keep from being in a location where a man-in-the-middle attack is possible (open Wi-fi, etc.).
I just wanted to bounce it off users here before I jumped at using it again.
The report in my link (and your feedback) is "encouraging" since I used it regularly before the report.
Cheers
Regards,
Rudi
If your absence does not affect them, your presence didn't matter.
A link from the author's name on MajorGeeks takes you to https://toolslib.net/downloads/" onclick="window.open(this.href);return false;. Another reliable source for AdwCleaner is http://www.bleepingcomputer.com/download/adwcleaner/" onclick="window.open(this.href);return false; (along with several other specialized malware utilities).
HansV wrote:I haven't used AdwCleaner. I can't seem to find the website of its publisher, only generic download sites (which I try to avoid if possible).
Joe beat me to it, listing bleeping computer as a good site for DL it.
