Buggy Malwarebytes protection update wreaks havoc for users

Malwarebytes pushed out a protection update that gobbled up memory and CPU resources and turned off web protection. The first fix still left users with unusable or crashing computers, but the latest release resolved the issue.

Buggy Malwarebytes protection update wreaks havoc for users
Michael Kan

A neighbor called me, seeking help with his computer. He’s not technically inclined, so his explanation didn’t immediately make much sense: He wasn’t certain if he was even connected to the Internet, but his browser kept crashing. He was having a hard time giving me answers, as his laptop was nearly unresponsive. When asked if he had run a Malwarebytes scan, he mentioned that web protection was turned off and he couldn’t get it to turn back on. Little did I expect for the problem to actually be caused by Malwarebytes.

On Saturday, after Malwarebytes pushed an update to consumers with Premium and Premium Trial, as well as enterprise Endpoint Security users, the company’s forums lit with complaints that the software was hogging 90 percent or more of memory and CPU resources. One post about RAM usage currently is 37 pages long.

Aware of the problem, Malwarebytes tweeted that “all hands” were on deck to resolve the issue.

Unfortunately, even though a new update package was pushed out in about an hour, it did not fix the problem. Even after rebooting their computers, some users reported that their systems locked up as soon as the Malwarebytes Service process started, as it ate large amounts of RAM.

Malwarebytes pushed out a second update to address the memory leak issue.

What caused the problem?

Malwarebytes CEO Marcin Kleczynski explained, “Earlier this morning, we published a protection update that caused connection issues for many of our customers. As a side effect of the web protection blocks, the product also spiked memory usage and possibly caused a crash. We have triaged this issue and pushed a protection update that resolves it.”

“The root cause of the issue was a malformed protection update that the client couldn't process correctly,” Kleczynski added. “We have pushed upwards of 20,000 of these protection updates routinely. We test every single one before it goes out. We pride ourselves on the safety and accuracy of our detection engines. To say I am heartbroken is an understatement.”

If the update didn’t automatically fix the problem, then he suggested shutting down web protection, checking for updates and rebooting the computer. If the update package version is 1.0.3803 or higher, then you have a database which addressed the issue.

To resolve, simply reboot your machine. In some cases, a second or even third reboot may be needed.
To verify you have this update, go to Settings ->  About -> Update package version: 1.0.3803

Kleczynski was “personally available” to discuss the problem on both the forums and via his email. Endpoint Security solution customers can contact corporate-support@malwarebytes.com if they are still experiencing an issue.

Malwarebytes apologized several times on its forums and on Twitter.

The company is investigating what happened and also posted the steps to resolve the issue in a blog post. It has steps for consumers, as well as for users with Malwarebytes Endpoint Security on-premises and cloud protection.

Getting your computer or business back up and running is our utmost priority, as is rebuilding your trust.

Related:
NEW! Download the Winter 2018 issue of Security Smart