Attempted Breech or Burp in Update?

[MI-AR]

We run MB on a server that does spam filtering prior to sending it off to Exchange on a different subnet. This computer blue screened today (it's a hyper-v machine). Copied memory.dmp file and ran it (see attached for full analysis).

ERROR_CODE: (NTSTATUS) 0xc0000409 - The system detected an overrun of a stack-based buffer in this application. This overrun could potentially allow a malicious user to gain control of this application.

MB wasn't responding, wouldn't uninstall. Ran other virus scanners and nothing showed as being infected.

Everything seems fine now.

 

 

memdump.txt

[AdvancedSetup]

Hello @MI-AR

When you say you run Malwarebytes on a Server. What version of Malwarebytes?

Malwarebytes name alone normally references our Consumer version of the product which is not typically licensed for use on a Server.

Can you please provide more details on the Malwarebytes product name and version as well as the Server version running on

Thank you

 

[MI-AR]

Malwarebytes for Teams 4.3.0 (Business). I didn't realize it wasn't for use on Server.

[AdvancedSetup]

It may be licensed for it. I'm just saying that in general we make different products that are specifically geared for a Server.

If you can run the following for us as well as zip and upload the dump file we can take a closer look and see what may be causing it.

Upload Malwarebytes Support Tool logs offline

Thanks

 

[MI-AR]

The memory.dmp file is 2.2 GB in size. I can link to google drive privately.