Malwarebytes Released Two Bad Web Protection Updates

Malwarebytes had a bad day Saturday, pushing out an update "that gobbled up memory and CPU resources and turned off web protection," reports CSO. The company's forums lit up with complaints that the software was hogging 90 percent or more of memory and CPU resources. One thread about RAM usage currently is 37-pages long. Aware of the problem, Malwarebytes tweeted that "all hands" were on deck to resolve the issue. Unfortunately, even though a new update package was pushed out in about an hour, it did not fix the problem. Even after rebooting their computers, some users reported that their systems locked up as soon as the Malwarebytes Service process started as it ate large amounts of RAM.
"Two bad updates later, Malwarebytes released a fix," CSO reports, noting the company's blog post with steps to resolve the issue.

Long-time Slashdot reader marquis111 shares a link to an apology from Malwarebytes CEO Marcin Kleczynski, who says that he'll be "personally available" to discuss the problem on both the forums and at his personal email address.

Who knows?

[110010001000]

Malwarebytes is closed source software. It could literally be doing anything to your system. You have no control over it, or what it does. So you basically are trusting some corporation.

Re:Who knows?

[geekmux]

Malwarebytes is closed source software. It could literally be doing anything to your system. You have no control over it, or what it does. So you basically are trusting some corporation.

Uh, I'm afraid your point was completely lost due to the fact that the people who need Malwarebytes aren't running FOSS.

That also includes the OS.

Re:

[110010001000]

Why? Is it not possible to run FOSS and non-FOSS on the same system? Interesting!

Re:

[110010001000]

Maybe. What does Malwarebytes do? It could be doing anything. That is the point.

Re:

[matushorvath]

You are already trusting corporations for your water and food. Closer to computing, you are likely also trusting Intel for your chipset with their beautiful IME nonsense. Trusting someone for malware protection is not so special.

MalwareBytes installed a tiny steering wheel ...

[Anonymous Coward]

... in my pants yesterday because it was drive'n me nuts!

OK

[ChodaBoyUSA]

So THAT is what killed my laptop!

Re:

[110010001000]

How do you know it wasn't a trojan? Did you examine the source code?

Re:

[110010001000]

Right, so you are saying that malwarebytes is a trojan? How do you know it wasn't a trojan installed by Malwarebytes itself? Did you see the source code and verify it didn't install one?

Re:

[110010001000]

Sounds like you shouldn't be allowed to use a computer since you don't "know" what it is doing.

Re: At work today

[Brockmire]

Shit, this might be the case with my dad. He reported weird shit with MalwareBytes but I had him reboot before I could teamviewer in because it was just black screen. Things looked OK, did scan and it was fine. Event log said something like 30GB memory usage and also spectre crashes. I kept thinking I was counting digits wrong, but this story makes sense now. Went to reboot after disabling spectre using grc tool and it didn't come back online. Haven't seen it come back and no email. I guess I could call hi

Pfft, a promise he knows he won't have to deliver!

[ToTheStars]

He's promising to be personally available in an online forum and by electronic mail to people whose computers can't connect to the Internet. Meanwhile, the steps for solving the problem are...published on the Internet. He's probably got a couple of buddies in his office doing the "Waldorf and Statler" laugh about it: "Doh-ho-ho-ho!"

Re:

[Scutter]

Yeah, it's pretty unlikely that anyone would have access to two computers in 2018.

mbam has gone to shit..

[Anonymous Coward]

ever since version 2 and the loss of the lifetime update model, then further down the crapper with version 3 and the forced trial mode on install and always-on services (even in 'free' mode).

if you want a simple on-demand scanner to supplement your antivirus product, just use adwcleaner. it's better and faster, anyway (until they fuck that up, too); then hitmanpro (free scan mode is good enough) as a double-check (also crazy-fast and very good)

Already Uninstalled.

[Templer421]

Until they fix it I think I will NOT be reinstalling it.

Re:

[110010001000]

How will you know it is fixed? You don't even know what caused it.

Re: Already Uninstalled.

[Brockmire]

Ugh, they revert back to the last version that didn't shit the bed. Then they find the cause and not repeat the error. It can happen in that order. What kind of stupid question was that?

who uses it anyway

[avandesande]

It slows web browsing so much it's unusable (before the issue)

What timing...

[echostorm]

the timing couldn't have been worse for my household. I dug up my old lifetime keys friday after about 5 years to install it on my childrens playroom computer and my backup pc and staurday both systems were unusable with malwarebytes using 90+% cpu and 50+% HD. I actually uninstalled both when I got home Saturday with the thought 'Wow, Malwarebytes has totally gone to crap, I remember when it used to be good". I had planned to look up and find out what the hell happened to the program today when this artic

Inexcusable persistant stupidity

[WaffleMonster]

This occurs quite regularly with no acceptable excuse.

Step 1. - Vendor fucks up royally.

Step 2. - Customers complain.

Step 3. - Vendor runs around like a chicken without a head frantically attempting to fix whatever they fucked up almost always with even more lax quality standards than what was necessary to fuck up in the first place.

Step 4. - Customer predictably complains about fix not working or breaking even more shit.

Step 5. GOTO Step 3.

Lets put aside the problem of original fuckup and focus on the inexcusable portion of this. Mistakes / oversights happen.

Step 3 is where you ROLLBACK what you broke. It is NEVER about working overtime to fix what you broke by shipping out new code as soon as it compiles. Failure to plan ahead for this contingency and have a tested working rollback strategy carries predictable consequences. THIS is the failure this company should be apologizing for and the lesson they SHOULD have learned. Yet I'm quite certain it did not even occur to them.

HUGE memory leak, Maximum CPU usage

[Futurepower(R)]

Reported on the Malwarebytes forum yesterday: Malwarebytes Web Protection unable to turn on and a massive Memory Leak. [malwarebytes.com] Also, CPU use was extremely high, making computers slow. The issue was fixed in 2 hours and 10 minutes, but it cost many people a huge amount of time because it wasn't obvious what was causing the problems.

Recent automatic updates to Malwarebytes software have been destructive in other ways, apparently. The company says Malwarebytes can and should co-exist with other anti-malware softwa

Yup....

[MerlTurkin]

I had the problem yesterday. I thought the memory was bad in the laptop. Checked task manager and bingo, Malwarebytes was the culprit. Went and downloaded the latest version and installed and that fixed it.