Dismiss this notice
novaPDF Professional Valentines 2019 Giveaway - https://www.geeks.fyi/showthread.php?tid=5523

Dismiss this notice
Ashampoo PDF PRO Valentines 2019 Giveaway - https://www.geeks.fyi/showthread.php?tid=5524

Dismiss this notice
Undelete 11 Professional Valentines 2019 Giveaway - https://www.geeks.fyi/showthread.php?tid=5522

Dismiss this notice
ExpressVPN Valentines 2019 Giveaway - https://www.geeks.fyi/showthread.php?tid=5521

Dismiss this notice
Macrium Reflect Home Valentines 2019 Giveaway - https://www.geeks.fyi/showthread.php?tid=5520


Thread Rating:
  • 2 Vote(s) - 5 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Update Logic Mishandle in Zemana AntiMalware 2.0: Fixed
#1
Information 
Quote:Yes, it is true we that there was a critical vulnerability discovered in ZAM 2.0 update integrity check. Some of you probably read about it in one of the threads on Malware Tips or other websites.

However, keep in mind that this vulnerability is not and never was present in our Zemana AntiMalware 3.0 Beta version.

In this blog post, we want to share with you the resolution to this concern. Yesterday, we fixed the issue and released a new update of ZAM 2.0, where we successfully fixed the update logic mishandle.

In the text below, you can find more information.

Update Integrity Check Vulnerability

A remote code execution vulnerability has been discovered related to update file integrity check. This vulnerability, caused by mishandling update logic, resulted in Zemana AntiMalware version 2.74.2.150 providing a weaker security than expected.

It allowed man-in-the-middle attackers to execute arbitrary code by spoofing the update server and uploading an executable. Due to this flaw, a remote attacker (only on the same network) could launch further attacks on the system by bypassing applications update file integrity check and executing any file with system rights.

This vulnerability has been assigned the CVE identifier CVE-2019-6440

ZAM 2.0 New Update

Some of you are probably still concerned or wondering if the vulnerability still exists, but we assure you there is no need to worry because we successfully fixed it.
In order to resolve the issue and improve our product, we released a new update of Zemana AntiMalware 2.0, which includes fixes for this vulnerability.
You can download it here.

What About ZAM 3.0?

As mentioned above, there never was an update logic mishandle or any critical vulnerabilities in our latest Zemana AntiMalware 3.0 Beta version. You can check out our release notes here and see what’s new in ZAM 3.0.
If you have any questions or concerns related to this vulnerability or anything else, know that you can always contact us at: [email protected]. Our team members will be happy to talk to you and help you out.
Original source: https://blog.zemana.com/zemana-antimalwa...ate-logic/
[-] The following 3 users say Thank You to harlan4096 for this post:
  • jasonX, JM Safe, silversurfer
Reply
#2
Great information! Thanks so much!
[-] The following 2 users say Thank You to jasonX for this post:
  • harlan4096, silversurfer
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)
[-]
Latest Threads
Prices for 1TB Gaming SSDs Slashed in Ha...
Last Post: DTinn8
Today 03:08
» Replies: 0
» Views: 2
Intel Unveils Specs for 9th-Gen H-Series...
Last Post: DTinn8
Today 03:05
» Replies: 0
» Views: 2
Spectre Forever: Side-Channel Attacks In...
Last Post: DTinn8
Today 03:03
» Replies: 0
» Views: 2
DRAM Prices Expected to Decline as Much ...
Last Post: DTinn8
Today 03:00
» Replies: 0
» Views: 2
Best SSD and Storage Deals for 2019
Last Post: DTinn8
Today 02:58
» Replies: 0
» Views: 2
GFYI [Official] PowerISO New Year 2019 G...
Last Post: DTinn8
Today 02:53
» Replies: 17
» Views: 810
AhnLab V3 Internet Security
Last Post: deathsmear
Today 01:47
» Replies: 0
» Views: 14
Criminals, Nation-States Keep Hijacking ...
Last Post: Toligo
Yesterday 21:12
» Replies: 0
» Views: 28
Wendy’s to pay $50M in data breach settl...
Last Post: Toligo
Yesterday 21:04
» Replies: 0
» Views: 34
Dunn Brothers, Chino Latino and other Mi...
Last Post: Toligo
Yesterday 19:25
» Replies: 0
» Views: 47
This malware turns ATM hijacking into a ...
Last Post: Toligo
Yesterday 19:23
» Replies: 0
» Views: 31
Scathing UK report says Facebook 'intent...
Last Post: Toligo
Yesterday 19:21
» Replies: 0
» Views: 29
Why Corporations Need to Give Employees ...
Last Post: Toligo
Yesterday 19:19
» Replies: 0
» Views: 27
Banks praised for their internal cyber d...
Last Post: Toligo
Yesterday 19:16
» Replies: 0
» Views: 23
When Cyberattacks Pack a Physical Punch
Last Post: Toligo
Yesterday 19:15
» Replies: 0
» Views: 24
Could hackers 'brainjack' your memories ...
Last Post: Toligo
Yesterday 19:14
» Replies: 0
» Views: 22
[Official] MakeUSLaugh_HitmanPro.Alert N...
Last Post: jasonX
Yesterday 19:05
» Replies: 20
» Views: 1241
Norton Security Center_ How To_11 ways t...
Last Post: jasonX
Yesterday 18:14
» Replies: 0
» Views: 36
Norton Security Center_ Mobile_Android v...
Last Post: jasonX
Yesterday 18:11
» Replies: 0
» Views: 28
Norton Security Center_ Privacy_Telltale...
Last Post: jasonX
Yesterday 18:07
» Replies: 0
» Views: 25

[-]
Staffs Online
There are no staff members currently online.