Malwarebytes Anti-Exploit

Indeed, and your signature shows 1044 as the latest build.
Welcome back Pedro!

 

There!

 

Welcome back.
Could you answer can MBAE stop a vulnerability in OpenType fonts? Thank you.

http://blog.emsisoft.com/2015/07/21/update-now-get-the-latest-windows-security-patch/

 

If it's anything like the original Duqu, even though it is a kernel exploit, MBAE would block the infection by blocking the payload in its Layer3 (Application Behavior). The best solution however remains to patch against this to prevent the exploit shellcode from running. Once they get shellcode to execute they pretty much have free reign over the system and can find a way to bypass any other security measures in place.

 

Can you perhaps explain if this feature will block all code injection into Edge? I'm guessing that MBAE wouldn't be affected because it's signed?

https://blogs.windows.com/msedgedev/2015/11/17/microsoft-edge-module-code-integrity/

 

@Rasheed187 Thx for the interesting link on today's updated laptop of my wife MBAE still injects DLL (using Adfender free as adblocker for Edge & Chrome to circumvent add-on limitation of Edge).

 

Microsoft SmartScreen: Now Windows 10 Edge and Internet Explorer can block zero-day web attacks
http://www.zdnet.com/article/micros...internet-explorer-can-block-zero-day-attacks/

 

This is reactive signature approach to URL blocking. It is not proactive exploit detection or blocking.

 

It doesn't matter whether a cat is white or black, as long as it catches mice.

 

But the signature cat is rather silly because tomorrow it can't catch a changed mouse.

Is it possible to convert a Malwarebytes Antimalware licence to Malwarebytes Anti-Exploit?

 

I said: as long as it catches......

 

I read too quickly, if the driver is signed it can still inject code into Edge, so of course security tools will have no problems, my bad.

 

I won a competition and scored myself MBAE Premium for a year.

I have a question: do I need to go tick crazy on the boxes in Advanced Settings?

Cheers in advance.

 

I did; all checked. And I've got 12 custom shields added, half of 'em Other.

 

I have all boxes checked in Advanced Settings and added some shields mostly "MS Office" then "Browsers" and only 3 "Other".

 

Thanks for the replies... much appreciated. It's nice that a LUA account cannot touch the advanced settings. So far no issues to report. I think lists in MBAE will be replicated throughout other apps such as AppGuard and SpyShelter sandbox. All of a sudden, I am feeling less and less of a need to run Sandboxie as "real-time"; might switch it back to "on-demand".

 

Hi Guys .... can I please ask your opinions on the following - I have IE 9 on my computer and as most know updates will cease on Jan 12 for all versions of IE except IE 11 ..... my dilemma is whether I upgrade to IE 11 and risk BSOD/trashing presently faultless running computer or equally as bad unwantedly downloading the dreaded kb3035583/Win 10 upgrade ( which some others say IS included in the upgrade to IE 11 by default !!!! ) or go instead go Malwarebytes Anti-Exploit to FUTURE protect my IE from security issues ( I already have Malwarebytes AM premium installed - which I trust greatly )

 

I have no problems with IE11, but only use it occasionally (Windows 7). My main browser is Firefox. If you are set on keeping IE9 I would definitely consider an anti-exploit. I use MBAE premium and what's in my signature with no problems. Other options are Microsoft EMET, HitmanPro.alert and AppGuard.

 

I would use MBAE no matter WHICH browser you are using.

 

For the supported browsers in MBAE Free, at least. Otherwise, MBAE Premium and add a Browser Shield as needed.

 

can MBAE prevent ransom32?

http://blog.emsisoft.com/2016/01/01/meet-ransom32-the-first-javascript-ransomware/
https://www.wilderssecurity.com/threads/meet-ransom32-the-first-javascript-ransomware.382687/

 

No Brummelchen, ransomware is not a clientside exploit.

 

ok, so no exploit kit instead a manually triggered download? (or mail attachment)

 

If you are using an out-of-date Sun Java Runtime (i.e., version 6 or 7), how effective is Malwarebytes Anti-Exploit at stopping Java Exploits?

Thanks in Advance.

 

With all exploits the answer is: "It depends"

Here are some of my experiences when I tested the Java mitigation in Anti-Exploit 1.05:
- Executables that are downloaded and executed by the applet itself will be blocked.
- Access to cmd, PowerShell (and likely other programs like Wscript) is being blocked.

Although Anti-Exploit should include more mitigations