Malwarebytes Anti-Exploit

Yes, it is in the Premium version. I have many custom shields.

 

That's exactly what I wanted to know, Thank you.

Now, hopefully they'll add a default shield/profile for Edge.

 

Yes, that's the plan. However since the naming of the browser and its filename has changed a few times over the last few months, we are waiting on a final release of Windows 10 before adding it. When that happens, the shield will be a default shield and part of MBAE Free.

 

I think waiting for final release is a smart move and I am glad that the shield will be added in later versions

Thanks for letting us know

 

Pedro, your signature still shows 1007 as the current beta build.

 

1.07.1.1010 is still running great on Windows 7X64 Ultimate after upgrading from build 1.07.1.1009. I have been using build 1010 for 2 days now.

 

Signature fixed, thanks for the heads-up!

While we're in the subject, 1.07.1.1010 has just been released officially:
https://blog.malwarebytes.org/news/2015/07/new-malwarebytes-anti-exploit-version-is/
https://forums.malwarebytes.org/index.php?/topic/170015-malwarebytes-anti-exploit-10711010/

 

Thank you for this, version 1.07.1.1010 is working great.

 

Can I just install over the top of the old version?

 

Yes of course!

 

Thanks

 

1.07 just installed and lets see what happens now.

 

Outlook is blocked by MBAE, saying a exploit was detected. It happens with Application Hardening. BottomUP ASLR is blocking it. And IE is blocked by Anti-Heap v1.07

 

Which version of Windows? Did you add custom shields? Change the advanced settings?
Also please post or PM me your MBAE logs otherwise it's hard to troubleshoot.

Finally I see in your sig you use Comodo? If so there's a workaround for the conflict with Comodo -> https://forums.malwarebytes.org/index.php?/topic/135127-known-issues-conflicts/

 

Windows 8 64b. No, everything is set to default. I had Comodo shut down.

 

Try uninstalling Comodo and/or the workaround. Simply turning it off might not do the trick.

 

Ok, I'll try it soon and let you know.

 

Some of my extension icons freeze up with chrome using MBAE 1.07. It probably did it in 1.06 also that is one reason why i had to use HitmanPA for chrome. I tied 1.07 with chrome to see if any problems had been fixed that i had with 1.06. It looks like i have the same problems with 1.07 so back to HMPA for chrome. I don't have any problems using dragon with MBAE only chrome.

 

Opera has three flavors by now.
The original one is what I use - current version 12.17.
Then there is the chrome-Opera and, finally, Vivaldi under construction.
Does one shield manage all of them? Just curious.

 

Can you send logs from FRST to try to replicate it in an environment similar to yours? Which extensions freeze up? Does the freeze mean it takes them long to open or that chrome itself freezes?

As long as they are all called opera.exe then the same shield applies to all of them. Currently the ChromeBrowser shield is used in MBAE to protect Opera.

 

OS Win 8.1 64bit
MBAE 1.07.1.1010

In Appguard If i add C:/sandboxie to Userspace and include set to "Yes", it blocks mbae64.dll when i open sandboxed IE. But no problem running Firefox under sandboxie
http://i.imgur.com/29qJY3u.jpg

 

Some of the extension icons in the upper right of chrome freeze up. I have to disable them and then enable them again so they work again. This is one of them...https://chrome.google.com/webstore/detail/send-from-gmail-by-google/pgphcomnlaojlmmcjmiddhdapjpbgeoc

 

The new version is OK:



Tested with Chrome/I.E. 64 bit.

 

Can you send me crash dumps of the various chrome.exe processes that are running when you encounter the freeze? You can right-click on each chrome.exe process from Process Explorer and choose Create Dump -> Create Full Dump.

 

@ ZeroVulnLabs

Is this (see link) something that should be covered by MBAE? And BTW, at the moment v1.07 seems to be working just fine, also with some self-added shields. I've not yet tested it with Sandboxie, but I'm not expecting any problems.

http://seclists.org/bugtraq/2015/Jul/23