Jump to content

Meltdown Mitigation


IT_1152

Recommended Posts

right now with MB installed seems you can only do it manually if you wanted.  Auto update will not install the patch based on the REGKEY not being present that AV vendors are supposed to be pushing once they are compatible.  One guy mentioned he did it without any issues but still a bit scared to do it myself.

Link to post
Share on other sites

I don't have an answer right now, regression testing is still underway.

The update for MB3 based products, to allow the registry needed to be created, was released on Jan 4th. To be absolutely clear, all of our products are, and have been, compatible with the patch. It was the creation of the registry key to allow automatic pulling of the patch which was not yet done at the time.

Edited by djacobson
Clarification due to being misquoted and misunderstood
Link to post
Share on other sites

Yes. For now, users with MB3 based software installed and registered with Windows Action Center will not be able to receive any MS updates automatically, starting with the Jan. 2018 update. You can either apply the update manually or set the Malwarebytes action center setting to "Never register Malwarebytes in Windows Action Center" so that the MS update can apply automatically. Only Windows 10 and Server 2016 have patches.

Update: this no longer applies now that our update is out, you no longer have to touch your Action Center settings within the MB3 based programs.

Edited by djacobson
update
Link to post
Share on other sites

Thanks!. On one system this morning I checked windows update serveral times and it said I was up to date, then finally it saw updates, downloaded, installed (took over an hour) and now when I run the powershell command from MS to check if the patch is applied I get False for all 5 CVE. I found this post and changed my action center setting to what Dyllon stated and rebooted. Same result in powershell. Checked windows update and they are downloading. Much obliged. 

Link to post
Share on other sites

  • Staff

Consumer side has already been updated - there is no need to change any Malwarebytes settings.

Open Malwarebytes and click 'Check for Updates' to ensure you have the latest update package.

Next, click Settings > About tab and verify that you have Update Package version 1.0.3624

Link to post
Share on other sites

13 hours ago, ElPiedra said:

Since the "Malwarebytes Database Update 1.0.3624" - all Malwarebytes users are able to receive the Microsoft Patch to mitigate Meltdown.

3624.thumb.png.293d8c98cbc0bbbd32dbcb2e83e6925e.png

Source: Malwarebytes Blog (update as of 1/04/18)

 

I am using free (Premium trial ended) version currently, using Windows 7 SP1, will i have this key after installing latest MBAM database update?

Link to post
Share on other sites

14 hours ago, ElPiedra said:

Since the "Malwarebytes Database Update 1.0.3624" - all Malwarebytes users are able to receive the Microsoft Patch to mitigate Meltdown.

3624.thumb.png.293d8c98cbc0bbbd32dbcb2e83e6925e.png

Source: Malwarebytes Blog (update as of 1/04/18)

 

Hello. You are referring  1.0.3624 as DATABASE UPDATE term. Isn't it wrong?  1.0.3624 should be component package update version. Database updates are being performed and versioned daily, almost hourly in year/day/month format.

Link to post
Share on other sites

  • Staff

The database version that you are used to seeing as time and date format in previous versions of MBAM, are no longer shown that way in this UI

There is a difference between the Component Package, the Update package, and the database version.  What is important here is the Update package version - it needs to be at lease 1.03624

You can view the database version if you run mb-check and look at the mb-checkresults.txt.

Malwarebytes Version information
==================================
   "controllers_version" : "1.0.272",
   "db_version" : "2018.01.05.06",
   "dbcls_pkg_version" : "1.0.3630",
   "installer_version" : "3.3.1",

Link to post
Share on other sites

3 hours ago, Ried said:

Yes, you will but please know that Microsoft isn't sending out this patch until Tuesday for those on Windows 7, 8, and 8.1.

If you want to get it early, please see this article in our Knowledge Base https://support.malwarebytes.com/docs/DOC-2297

Additional information on this vulnerability can also be found in our Public Forum here

 

What version should Endpoint be at? How do I verify the computers on Endpoint show the correct version? 

Link to post
Share on other sites

@Roadrunner562, this isn't as easy to see with EP, but MB-Check will show you just like on the consumer's. See this guide for the download and how-to - https://support.malwarebytes.com/docs/DOC-1375

Here's an example of an up-to-date MB-Check result for EP:

Malwarebytes Version information
==================================
   "controllers_version" : "1.0.263",
   "db_version" : "2018.01.05.07",
   "dbcls_pkg_version" : "1.0.3631",
   "installer_version" : "3.3.2",

Link to post
Share on other sites

19 hours ago, Ried said:

Yes, you will but please know that Microsoft isn't sending out this patch until Tuesday for those on Windows 7, 8, and 8.1.

If you want to get it early, please see this article in our Knowledge Base https://support.malwarebytes.com/docs/DOC-2297

Additional information on this vulnerability can also be found in our Public Forum here

 

Thanks for your reply. However i am getting different and contradicting responses from other parts of Internet. About the registry key, isn't Microsoft creating that key if we install the hotfix patch? Or Malwarebytes creating the key?

What behaviours would happen if i update Malwarebytes update package version to 1.0.3624 and DO NOT INSTALL Microsoft hotfix on KB4056897?

I temporarily decided to hold the installation of MS patch due to massive side effects reported on different online communities such as Cpu slow down and intermittent crashes. But i want to update Malwarebytes on the other hand to stay safe and to stay up-to-date against threats. That's why i want to know all for this reason.

I appreciate sir.

Link to post
Share on other sites

@kimiraikkonen what happens is when you check for updates, Windows Updates looks to see if you have security software registered in Windows Action Center.  If you do, it looks to see if that registry key exists, because that key should be put in place by the security vendor. If that key is missing, the update won't be pulled down. If the key is there, the update is installed.

As for the question of what Free users need to do, it's nothing. This only impacts Malwarebytes if you have Malwarebytes registered in Windows Action Center. You can only register Malwarebytes in Windows Action Center in the Premium/Trial mode, free mode does not provide real time protection, and therefore does not register.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.