DoubleAgent attack - MBAM for buisness upate ETA ?

[MarkR]

https://www.bleepingcomputer.com/news/security/new-attack-uses-microsofts-application-verifier-to-hijack-antivirus-software/

At the time of writing, "the only vendors that released a patch are Malwarebytes (version number: 3.0.6 Component Update 3), AVG (version number: 16.151.8007) and Trend-Micro (should release it soon)," Engstler added.

Does this affect the Enterprise version and if so when can we expect a patch please ?

[djacobson]

The recently published "DoubleAgent" attack was disclosed by Cybellum to Malwarebytes on January 20th, 2017. We were already aware of the issue at the time and were working on measures to improve the self-protection mechanism in our products to protect against this attack vector. Malwarebytes 3.0 had a fix released in late February. Malwarebytes Anti-Malware 1.80 is currently undergoing testing and we will have a formal statement regarding this build soon. If you are running the latest version of Malwarebytes Anti-Exploit, 1.09.2.1334, it will block this attempted exploit.

The vulnerability used in the attack is not specific to Malwarebytes software, it affects any Windows application that does not have the appropriate protections in place. Furthermore, the vulnerability requires the attacker to have local administrative privileges on the target machine.