Malwarebytes Delivers Buggy Patch That Spikes CPU & RAM Usage – Update & Restart Recommended


Malwarebytes, a trusted antivirus vendor, apparently sent a buggy update that may be affecting both Home and Enterprise systems. The issue comes from a protection update that was released over the weekend to Malwarebytes' Home and Enterprise users. The update caused several problems, including excessive memory usage, system crashes, and connectivity issues. The protection update was pulled back 16 minutes after the rollout had begun. However, by then it had been installed on a large number of devices using Malwarebytes.

Malwarebytes protection update causes excessive RAM and CPU usage

While Malwarebytes is a popular name in the industry, things can and do go wrong. The company found itself at the center of user ire and outcry when the update released on Saturday morning started raising performance concerns. One user reported that the application had used over 10GB of their RAM, causing systems to go very slow or even crash. The company's forums were flooded with complaints of spikes in CPU and RAM usage.

Malwarebytes Discovered A ‘Fruitfly’ Malware That Runs Using Antiquated Code On Mac

"There are detection syntax controls in place to prevent such events as the one experienced in this incident," the company wrote. "Recently we have been improving our products so that we can show the reason for a block, i.e. the detection ‘category’ for the web protection blocks." The company explained that there was an oversight when one of the syntax controls wasn't implemented in the new detection syntax, creating issues.

In order to support this new feature, we added enhanced detection syntaxes to include the block category in the definitions. The unfortunate oversight was that one of the syntax controls was not implemented in the new detection syntax, which caused the malformed detection to be pushed into production.

The problematic update affected Malwarebytes for Windows Premium, Malwarebytes for Windows Premium Trial, Malwarebytes Endpoint Security (MBES), and Malwarebytes Endpoint Protection (Cloud Console). Those who did install the buggy update need to download the latest fix that addresses the issues (more details here).

"We test every single one [update] before it goes out," Malwarebytes' Marcin Kleczynski said. "We pride ourselves on the safety and accuracy of our detection engines. To say I am heartbroken is an understatement."