- IObit Malware Fighter 9.4.0.776, ObCallbackProcess.sys 9.0.0.12
- https://www.iobit.com/en/malware-fighter.php
Denial of Service
From IoControlCode 0x222034, 0x222038, 0x22203C, and 0x222040, there is no validation of pool boundary in the function, which may access uninitialized memory and cause BSOD.
In the attached file DoS3.zip, there are DoS3.exe, DoS3.cpp, iobit_malware_fighter_setup.exe, and ObCallbackProcess.sys. DoS3.exe is the PoC to cause DoS where iobit_malware_fighter_setup.exe which contains the vulnerable driver ObCallbackProcess.sys is installed, and DoS3.cpp is the source code of DoS3.exe. To reproduce the issue, install iobit_malware_fighter_setup.exe and execute DoS3.exe. It is expected that the system will crash (BSOD) once DoS3.exe is executed. Password for attachment: DoS3 https://drive.google.com/file/d/1iWdqJ9PsBp1W5xINpUdQ28xbx_tB9xxf/view?usp=sharing