IMPORTANT: Web Blocking / RAM Usage

Product Information

Earlier this morning, we published a protection update that caused connection issues for many of our customers. As a side effect of the web protection blocks, the product also spiked memory usage and possibly caused a crash.

We have triaged this issue and pushed a protection update that resolves it.

For our consumer solutions

Please follow the steps below on how to update to the latest database:

1. Open Malwarebytes
2. Turn OFF web protection by Clicking on “settings”, click to turn web protection OFF
3. Under Scan Status (right side), click next to “Updates” to have Malwarebytes download the latest database
4. Restart PC
(Note it may take up to 2 restarts after the update to stabilize the system)

To confirm that you are on the latest database please follow the steps below:

1. Open Malwarebytes
2. Click on Settings
3. Click on the About tab
4. Next to “Update package version” if you see version 1.0.3803 or higher you are on the latest database which addresses the issue.

If the above doesn’t resolve the issue, please reach out to support at support@malwarebytes.com.

For our business solutions

Please follow the appropriate steps below to update to the latest database:

Malwarebytes Endpoint Security (On-premises)

First step to get the update is to disable the real-time protection. To do this in the Management console:

1. Open up the policy the clients are on and go to the protection tab.
2. From here, disable the ‘enable protection module’ option.
3. Once this is done click OK. When your clients check in they will get this new policy update.
4. Once real-time is protection is disabled and your clients can communicate, highlight the endpoints on the client screen and click the update database button at the top.
5. After the update is applied, a reboot of the machine may be required.

Note: If your client cannot resolve internal addressing, then re-installing the agent manually on the machine will need to be done. The client will not be able to reach out to the server for a policy update and will never be able to turn off the real-time protection.

Malwarebytes Endpoint Protection (Cloud)

1. From the Malwarebytes Cloud console, go to the endpoints pane and select all the endpoints.
2. In the action drop-down, choose the ‘check for protection updates’ option to force an update on all endpoints to database update 1.0.3803.

This should fix the problem for the vast majority of Endpoint Protection endpoints.

If endpoints are still affected after applying this, please reboot the machine.

If the remote agent is unable to reach out and get this update, then we must disable the web protection:

1. In the Malwarebytes Cloud console, Go to the settings> policies> and open up the policy the clients are on.
2. From here, go to the endpoint protection policy and turn off the “Web Protection” portion of the policy. Then:

a. If the machine is unresponsive, reboot the machine and log in.

b. Once in, right click on the tray icon and start a scan. This will force a database update and fix the issue.

c. Once updated, cancel the scan and reboot the machine.

3. When the computers are all online and updated, please turn back on the web protection again in the Endpoint Policy.

If the above doesn’t resolve the issue, please reach out to support at corporate-support@malwarebytes.com

The root cause of the issue was a malformed protection update that the client couldn’t process correctly. We have pushed upwards of 20,000 of these protection updates routinely. We test every single one before it goes out. We pride ourselves on the safety and accuracy of our detection engines and will work to ensure that this does not happen again.

Getting your computer or business back up and running is our utmost priority, as is rebuilding your trust.

Source: Werzit – Local – Space – Cyber