From ComputerWorld: Malwarebytes said it could take three or four weeks to fix flaws in its consumer product that were found by a Google security researcher.
The company has fixed several server-side vulnerabilities but is still testing a new version of its Anti-Malware product to fix client-side problems, CEO Marcin Kleczynski said in a blog post.
In the meantime, customers can implement a workaround: Those using the premium version of Anti-Malware "should enable self-protection under settings to mitigate all of the reported vulnerabilities," he wrote.
Kleczynski apologized, saying vulnerabilities are a reality that come with software development. "While these things happen, they shouldn’t happen to our users," he wrote.
Google researcher Tavis Ormandy uncovered several issues with the Anti-Malware product, including that it doesn't use encryption when downloading fresh signatures.
View: Article @ Source Site
