CVE-2014-100039

Name of the Vulnerable Software and Affected Versions Malwarebytes Anti-Exploit versions prior to 1.05.1.2014

Description The issue allows local users to cause a denial of service, resulting in a crash, by utilizing a crafted size in an unspecified IOCTL call. This triggers an out-of-bounds read.

Recommendations For versions prior to 1.05.1.2014, update to version 1.05.1.2014 or later to resolve the issue. As a temporary workaround, consider restricting access to the mbae.sys module to minimize the risk of exploitation.