18 posts in this topic

Posted

Today Malwarebytes pushed out an update which proceeded to quarantine most of the system32 directory, among other folders, bringing systems to their knees. You can follow the information at the following thread.

The newest update that just downloaded broke - hard.
[url="http://forums.malwarebytes.org/index.php?showtopic=125127&st=0"]http://forums.malwar...pic=125127&st=0[/url]

An update has been released which fixes the bad definition.


Posted

It's beyond my comprehension why an AV definition would be pushed out without at least testing it on one system beforehand.
1 person likes this


Posted

hilarious
1 person likes this


Posted

Hmmm, I have Malwarebytes Pro and it constantly updates and scans, and I haven't experienced any problems.


Posted

...reminds me of an old xp system 32 joke
I forget how it went, but essentially deleting system 32 cleans all spyware from xp
(Untrue and a silly thing to do, granted)


Posted

Hmmm, I too have many dozens of systems with real-time Malwarebytes protection, nothing wrong happening to them... specific conditions only maybe?
1 person likes this


Posted

And that's why I don't use that sort of software.

I feel for those customers affected. :/


Posted

This is causing us about 70 re-installations of Windows, Office, etc. tonight. NOT FUN. We were on the Enterprise version and all of a sudden all of our workstations came crashing down. The enterprise got the update and pushed it out to all the clients simultaneously. We just purchased it about a week ago.


Posted

[quote name='Raa' timestamp='1366078272' post='595639778']
And that's why I don't use that sort of software.
[/quote]

You don't use any antivirus or antimalware programs?


Posted

[quote name='Scott Hellewell' timestamp='1366078960' post='595639790']
This is causing us about 70 re-installations of Windows, Office, etc. tonight. NOT FUN. We were on the Enterprise version and all of a sudden all of our workstations came crashing down. The enterprise got the update and pushed it out to all the clients simultaneously. We just purchased it about a week ago.
[/quote]

Yeah that isn't any fun at all. This is why you'll have to have an update gateway on the Enterprise level allowing you to test updates in the lab before allowing them loose on the install base. Sucks, but when stuff like this gets through it burns hard.

If Malwarebytes doesn't allow that I would just chuck it until it did.


Posted

These types of things are always a risk when using real-time protection. I've had to help deal with other system-breaking issues caused by bad updates in the past with other products (100% CPU usage issue that prevented the system from logging in (Trend PC-Cillin), a reboot loop (can't remember what product that was) and false positives breaking various programs).


Posted

[quote name='TRC' timestamp='1366079041' post='595639794']
You don't use any antivirus or antimalware programs?
[/quote]

AV protection is overrated.

A good blacklist should suffice.


Posted

And this is why we now use Forefront at our university. Worst that ever happened was a Google Chrome false positive.

Also reinforces my use of Windows Defender at home.


Posted

[quote name='TRC' timestamp='1366079041' post='595639794']
You don't use any antivirus or antimalware programs?
[/quote]

I never use anything on my personal machines. I usually put MSE or MBAM on machines I give to my family but I haven't used anything in years and have been fine. As long as you're smart, I don't think it's a problem. I also never install Java on my own machines which probably helps. ;)


Posted

Hello,

No idea what happened here, but some anti-malware developers test their virus signature database updates against supported operating systems (all the combinations of service pack levels, localizations, CPU architectures) as well as popular applications (Microsoft, Adobe, Google, [i]et cetera[/i]) before releasing them to ensure a hit on a false positive doesn't reach their customers.

Regards,

Aryeh Goretsky
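
The pre-release check described in this post, sketched as an added example that is not part of the thread or any vendor's tooling: candidate signatures are run over a known-clean file tree, and any detection under an OS directory blocks the release. The regex signature format, the file tree and the overly broad `^MZ` pattern are constructed assumptions; the thread does not say what was wrong with the real definition.

```python
import re
import tempfile
from pathlib import Path

# Hypothetical signature format for this example: name -> regex over raw bytes.
def scan_file(path, signatures):
    data = path.read_bytes()
    return [name for name, pat in signatures.items() if re.search(pat, data)]

def false_positive_gate(clean_root, signatures, critical_dirs=("system32",)):
    """Scan a known-clean tree; every detection is a false positive by construction.

    Returns (decision, hits) with decision "release", "hold" or "block".
    """
    hits = []
    for path in sorted(Path(clean_root).rglob("*")):
        if path.is_file():
            for name in scan_file(path, signatures):
                rel = path.relative_to(clean_root)
                critical = any(part.lower() in critical_dirs for part in rel.parts)
                hits.append((rel.as_posix(), name, critical))
    if any(critical for _, _, critical in hits):
        return "block", hits   # would quarantine OS files: never ship
    if hits:
        return "hold", hits    # application false positive: analyst review first
    return "release", hits

def build_clean_corpus(root):
    """Constructed sample tree standing in for a lab image of clean installs."""
    files = {
        "Windows/System32/kernel32.dll": b"MZ\x90\x00clean-os-library",
        "Windows/System32/drivers/disk.sys": b"MZ\x90\x00clean-driver",
        "Program Files/Browser/browser.exe": b"MZ\x90\x00clean-app UPX!",
        "Users/lab/notes.txt": b"plain text",
    }
    for rel, content in files.items():
        p = Path(root) / rel
        p.parent.mkdir(parents=True, exist_ok=True)
        p.write_bytes(content)

def run_demo():
    good = {"Trojan.Sample": rb"evil-marker-\d+"}  # matches nothing clean
    packer = {"Packed.Generic": rb"UPX!"}          # hits one clean application
    too_broad = {"Trojan.Generic": rb"^MZ"}        # matches every PE file
    with tempfile.TemporaryDirectory() as root:
        build_clean_corpus(root)
        return {k: false_positive_gate(root, s) for k, s in
                [("good", good), ("packer", packer), ("too_broad", too_broad)]}

if __name__ == "__main__":
    for name, (decision, hits) in run_demo().items():
        print(name, decision, len(hits))
```

The same gate can sit in an enterprise lab in front of the deployment server, so a definition set reaches clients only after it returns "release" on the organization's own reference images.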


Posted

[img]https://a248.e.akamai.net/camo.github.com/fc10997b85ff0edd4423baa642d4656d216eb1e7/687474703a2f2f32362e6d656469612e74756d626c722e636f6d2f74756d626c725f6c7032376a317a4c6c6a3171667864766c6f315f3430302e706e67[/img]
1 person likes this


Posted

[quote name='goretsky' timestamp='1366082252' post='595639850']
Hello,

No idea what happened here, but some anti-malware developers test their virus signature database updates against supported operating systems (all the combinations of service pack levels, localizations, CPU architectures) as well as popular applications (Microsoft, Adobe, Google, [i]et cetera[/i]) before releasing them to ensure a hit on a false positive doesn't reach their customers.

Regards,

Aryeh Goretsky
[/quote]
Yeah, and it seems Malwarebytes skips this process.


Posted

I think this is very much a coming of age story for every antimalware provider. I genuinely cannot think of any that have managed to learn this lesson the easy way, although for some the memory is a bit fuzzy from time. I think AVG had one of the most practical responses with a bootable Linux ISO available the next day which would undo the damage.

At least you can be sure that they won't make that mistake twice and MBAM's realtime protection is finally ready for production. :rofl:
1 person likes this
