Malwarebytes product patch pummels user CPUs

A malformed patch update angered users dealing with bloated CPU and RAM usage.
Written by Charlie Osborne, Contributing Writer

20,000 perfect patches may be under the belt, but it only takes one or two poor ones to raise the ire of users, as Malwarebytes has discovered.

The antivirus software vendor, known for providing mobile and PC-based protection, pushed out a production update on Saturday.

However, users quickly swarmed the Malwarebytes forum to complain of sudden spikes in CPU and RAM usage, sometimes severe enough to crash or freeze their systems.

Screenshots and customer complaints included sudden gigabytes of RAM usage, real-time web protection turning itself off and failing to restart, and jammed systems due to resource usage overloads.

The failed update impacted Malwarebytes for Windows Premium, Malwarebytes for Windows Premium Trial, Malwarebytes Endpoint Security (MBES), and Malwarebytes Endpoint Protection (Cloud Console).

According to Malwarebytes' analysis (.PDF), the issue was caused due to web protection blocks. The company has been working to improve this area of web protection and added "enhanced detection syntaxes" to include block categories in product definitions.

However, an "oversight" caused a failure. Syntax controls were not implemented in the new detection syntax, deforming detection procedures and spiking resource usage.

"The root cause of the issue was a malformed protection update that the client couldn't process correctly," Malwarebytes administrator Marcin Kleczynski said. "We have pushed upwards of 20,000 of these protection updates routinely."

"We test every single one before it goes out," Kleczynski added. "We pride ourselves on the safety and accuracy of our detection engines. To say I am heartbroken is an understatement."

See also: NonPetya ransomware forced Maersk to reinstall 4,000 servers, 45,000 PCs

Customers have reported that the fix is no longer destroying their CPU and memory usage and appears stable.

Users impacted by the update must install the latest fix and may have to restart their systems a number of times to resolve the issue.

The reasons why you should hide your IP address

Previous and related coverage

    Reddit enables two-factor authentication

    It has taken some time, but the website is finally offering enhanced security for Reddit accounts.

    Electron critical vulnerability strikes app developers

    The dangerous bug allows attackers to remotely execute code through the popular app framework.

    NjRat secures top spot as most active network malware in 2017

    The most common Trojan found on today's networks is also, unfortunately, one that script kiddies delight in.

      Editorial standards