Jump to content

blind12

Members
  • Posts

    4
  • Joined

  • Last visited

Reputation

0 Neutral
  1. But it does get attention as the unsigned executable was the only one that brought up the elevated privileges screen. (I cancelled out and retried later and there was no UAC prompt the second time so the installation UAC prompts may vary).
  2. Hi 1PW, this isn't a database update this time, although I did also wonder how well database updates are verified. It's a program version update and an executable, 2 executables in fact. A previously privileged, signed, 20,447,074-byte "mbam-setup.exe" matching the "mbam-setup-2.0.4.1028.exe" you posted above spawned an unsigned, 706,560-byte "mbam-setup.tmp" https://www.virustotal.com/en/file/6c0465ce64c07e729c399a338705941d77727c7d089430957df3e91a416e9d2a/analysis/ which then requested elevated privileges. And an unsigned executable requesting elevated privileges made me wonder.
  3. Are the MBAM update executables supposed to be digitally signed or not? I don't know how much protection a signature adds. But I kind of recall cases where program updates have been used to introduce a payload, like Finfisher in Firefox updates or something, so I try to keep an eye on at least executable update files. I'm sure Finfisher users have no issue adding any signature to anything of course but smaller players might. And how well protected are other MBAM updates, like data files?
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.