

NOTE: the vendor reported that they "have not been able to reproduce the issue on any Windows operating system version (32-bit or 64-bit)."
Malwarebytes free 3.3.1 quarantine driver
** DISPUTED ** In Malwarebytes Premium 3., the driver file (FARFLT.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9c40e018.

** DISPUTED ** In Malwarebytes Premium 3., the driver file (FARFLT.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9C40E024.

** DISPUTED ** In Malwarebytes Premium 3., the driver file (FARFLT.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9c40e014.

** DISPUTED ** In Malwarebytes Premium 3., the driver file (FARFLT.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9C40E020.

** DISPUTED ** In Malwarebytes Premium 3., the driver file (FARFLT.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9c40e004.

** DISPUTED ** In Malwarebytes Premium 3., the driver file (FARFLT.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9c40e008.

** DISPUTED ** In Malwarebytes Premium 3., the driver file (FARFLT.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9c40e010.

In Malwarebytes Free 4.1.0.56, a symbolic link may be used to delete an arbitrary file on the system by exploiting the local quarantine system.

An issue was discovered in Malwarebytes before 4.0 on macOS. A malicious application was able to perform a privileged action within the Malwarebytes launch daemon. The privileged service improperly validated XPC connections by relying on the PID instead of the audit token. An attacker can construct a situation where the same PID is used for running two different programs at different times, by leveraging a race condition during crafted use of posix_spawn.
