Malwarebytes Anti-Exploit

Trying out the new build now.

 

Without digital signature you installed new version?

 

Yes its running fine so far , also its under shadow mode. So no problems here

 

1.09.1.1201 New Features:
• Hardened and more secure API hooking framework
• Added self protection mechanisms
• Added sandbox technique for Silverlight
• Added Layer3 techniques against Macro exploits
• Added Layer3 techniques against social engineering exploits
• Added Java advanced configuration options for companies
• Added dynamic configuration feature to manage conflicts
• Added support for MS Play Ready
• Changed balloon notification to off by default
• Remove Run entry during uninstallation

Fixes:
• Fixed conflict with Symantec DLP
• Fixed conflict with Chinese banking software
• Fixed conflict with Office TabLoader
• Fixed conflict woth Kobil mIdentity software
• Fixed false positive with Adobe and .NET modules
• Fixed issue when adding invalid custom shield

 

Yes. A developer's experimental release installed on an experimental (aka test) system.

 

Stopping MBAE 1.09.1.1180 Protection locks my PC for as long as five minutes every time I do it. Nothing I can do other than to wait it out or hard reboot.

Does MBAE have A.I. that punishes me for being a foolish/bad boy when I do this

I usually disable all security products other than firewall when creating a Windows Restore Point.

WIN 1067 64X OS

 

Works faultlessly on my Windows 7 64bit and Windows XP SP3 (SSE2 processor) systems. As is typical of this reckless user, all Advanced Settings are checked with the exception of Ret Rop Gadget Protections (Chrome browser options ARE checked). Additional shields for SumatraPDF (pdf) and Mozilla Thunderbird (other) are in use.

I guess that support for pre-SSE2 processors is at an end. If that is the case, I hope that automatic updating is inhibited for systems with SSE only processors.

 

hawki

I don't see that here on my system.

 

Hello,

The developer is investigating as to how this happened. In the meantime, the download link has been removed and will be replaced shortly with a link to a digitally signed version.

 

Thank you for the news.

 

Hello Mister X,

You are most welcome !

 

Hello,

A new experimental build, version 1.09.1.1208, has been released...
Announcement and download link: MBAE 1.09 preview

The issue with the no digital signature with build 1201 has been rectified and build 1208 is now digitally signed...

 

I have voodoshield with a similar anti exploit function. I wonder if I need to shut one or the other off?

 

Thanks puff-m-d

From 1.09.1.1180 to 1.09.1.1208 on Windows 10 Pro x64 (Version 1607 - Build 14393.321).
Browser: Edge and IE11 only.

No problems so far.

 

Yes its running fine so far , also its under shadow mode. So no problems here

 

Anyone?

 

From a logical point of view I would shut off one or another. Being the anti-exploit techniques a very complex set of algorithms per se and very complex its interaction with the shielded programs, I believe both working at the same time could result in a crash or something...

 

That's assuming anti-exploit component in VoodooShield is as complex as those in standalone exploit programs like EMET, MBAE, and HMP.Alert.

@boredog @Houley456
I recommend asking at the VoodooShield thread as well. But I believe Dan stated using both wouldn't be a problem. You can ask him to confirm.

 

VS isn't providing that kind of exploit-feature which Malwarebytes Anti-Exploit is providing.
"Enable VoodooShield anti-exploit protection for all web apps in all file / folder locations"
With this option VS "only" blocks child processes of web app parent processes. This feature is all about execution of files.
MBAE is a different level of protection, and more complex (injecting into the protected app, mitigations, memory calls, etc.)

So VS and MBAE shouldn't interfere with each other.
(but for example HMP.A and MBAE can (and will) interfere with each other, because they are providing the same features ... more or less)

 

Running VoodooShield and HitmanPro.Alert now and so far so good......will see how it goes.....

 

actually I have at least three anti exploits. Cylance, Malwarbytes Anti exploit and Voodooshield. I also think Adguard does some because I see it block web pages also but I am not sure.

 

Why not add HMP.A as well, to make sure

 

paul

and now I think about it I believe adguard just uses a black list.

 

Yes correct, normally anti-executable and anti-exploit should not interfere with each other because they are using different methods of protection. I didn't have any problems with the MBAE + EXE Radar combo.

 

Yep, my favorite combo is AntiExploit + AntiExecutable. Never was an issue b/w them.