CVE-2023-26088

Name of the Vulnerable Software and Affected Versions Malwarebytes versions prior to 4.5.23

Description The issue allows an attacker to delete any arbitrary file on the system by exploiting the local quarantine system using a symbolic link. In certain scenarios, it can also lead to privilege escalation.

Recommendations For versions prior to 4.5.23, update to version 4.5.23 or later to resolve the issue. As a temporary workaround, consider restricting access to the quarantine system to minimize the risk of exploitation.