Malwarebytes Anti-Exploit

I think you miss the point here. Question asked by @boredog was:

In other words using two anti-exploits programs at the same time.

 

I am still not sure about adguard just using a black list. here is what their site says.

"How does a check work?
Method and quality of a check depends on what product you use. If you are using one of our browser extensions, then Adguard inspects only those pages that you visit. If you are using Adguard for Windows, then in addition to the page itself, we check each object loaded on it, giving you the best protection."

wouldn't checking all objects loaded on a web page be like anti exploit in a way?

I guess if there are conflicts going on I am not noticing it.

 

Feel free to reverse engineer Adguard. Reverse engineering exploit mitigations can result in finding elegant bypass techniques.

 

Thanks for correction.

I use on my PC VS + MBAE + some other staff for quite a long time with no issues at all. As it was already said in this thread VS antiexploit feature is far behind that of MBAE (and that's OK as VS is an anti-executable), so actually there should be no interference at all.

 

Yes, but the anti-exploit feature in VS is simple parent-child process control AFAIK. It's not using any advanced anti-exploit mitigations like HMPA and MBAE, and that's why you should be able to combine them together.

 

Hello,

A new experimental build, version 1.09.1.1225, has been released...
Announcement and download link: MBAE 1.09 preview

 

MBAE Experimental/Preview/Beta 1.09.1.1225

New Features:
• Hardened and more secure API hooking framework
• Added self protection mechanisms
• Added sandbox technique for Silverlight
• Added Layer3 techniques against Macro exploits
• Added Layer3 techniques against social engineering exploits
• Added Java advanced configuration options for companies
• Added dynamic configuration feature to manage conflicts
• Added support for MS Play Ready
• Changed balloon notification to off by default
• Remove Run entry during uninstallation

Fixes:
• Fixed conflict with Symantec DLP
• Fixed conflict with Chinese banking software
• Fixed conflict with Office TabLoader
• Fixed conflict woth Kobil mIdentity software
• Fixed false positive with Adobe and .NET modules
• Fixed issue when adding invalid custom shield

 

Trying it now MBAE Experimental/Preview/Beta 1.09.1.1225

 

Beta 1.09.1.1225 no go for me (first time having issue with update)

After updating from 1.09.1.1208 to 1.09.1.1225 & after a reboot, MBAE was unable to start up.

Programs like Voodooshield, winprivacy etc were having the start up issue.

Perform a backup restore (back to 1.09.1.1208 ), everything are working fine again.

Will try to install 1.09.1,1225 again tomorrow, to check if the problem persists.

 

Sep 9, 2016 / #3284 =

Oct 4, 2016 / #3307 =

Oct 21, 2016 / #3337 =

Are you reading before the copy/paste?
If yes, please point the changes between the 3 experimental versions.........

 

From 1.09.1.1208 to 1.09.1.1225 on Windows 10 Pro x64 (Version 1607 - Build 14393.321).
Browser: Edge and IE11 only.

No problems so far.

 

I'm just copying the text from the Setup Information pane during the install.

Reading any of it would mean paying attention to nasty technical details. Technical details in the Wilders forums? Ha.

Obviously, they are the same. But different. Don't you get it?

 

I find this change a little odd. Anti-Executives are by their nature very quiet and there are some users who are not convinced they are actually doing anything. I would have thought that MB would have wanted to have left these notifications on by default as a reassurance to users that MBAE it is actually working. I have been trialing HMP.A recently and they go out of their way to remind you that it is protecting you with fly-outs, coloured borders, encryption notices etc.

I suppose at the end of the day it is just a matter of style and MB have gone for the quiet route. I have never found the balloon notifications invasive and may not bother to turn them on again but am just really commenting on an obvious difference between Malwarebytes and Surfright in this area.

 

Build 1225 works without issues on Windows 7 Ultimate 64-bit and Windows XP SP3 with post SSE processor.

I gave Trusteer Rapport another try after nearly 2 years since I last gave up on it in disgust. IBM seems to have done good work because it runs far more slickly and causes no problems with MBAE, at least it doesn't with build 1225. I can only guess that the improvement apparent with Trusteer Rapport build 3.5.1609.103 is down to its improved product quality. I use Rapport with Mozilla Firefox and Google Chrome.

Installed real-time security software: Agnitum Outpost Firewall 9.3, Avast Free 12.3.2280, MBAE 1.09.1.1225, Trusteer Rapport 3.5.1609.103.

 

An update

The problem was caused by the new nvidia driver, MBAE 1.09.1.1225 is working fine.

 

MBAE 1.09.1.1232 Stable

http://downloads.malwarebytes.org/file/mbae

https://www.malwarebytes.com/antiexploit/

http://www.majorgeeks.com/files/details/malwarebytes_anti_exploit_(formerly_exploitshield).html

 

MBAE 1.09.1.1235 Stable

http://downloads.malwarebytes.org/file/mbae

https://www.malwarebytes.com/antiexploit/

http://www.majorgeeks.com/files/details/malwarebytes_anti_exploit_(formerly_exploitshield).html

Edit:

 

MBAE 1.09.1.1235 Stable

https://downloads.malwarebytes.com/file/mbae_current/

The "New Features" and "Fixes" in the Installer Info reads the same as going back to .1180 Experimental/Beta/Preview.

Not that MBAE development is unappreciated, especially for us Premium customers, inquiring minds want to know.

 

This inquiring mind wishes to know if MBAE 1.08.1.2572 is the end of the line for MBAE on computers with processors which lack SSE2 instructions capability.

 

SSE2 was introduced with Pentium 4 in 2000/2001 - who cares about older crap?
https://en.wikipedia.org/wiki/SSE2

ofc windows 7 is usable on cpu w/o sse2 but its performance is horrible, sse2 is mandatory for windows 8 or higher!

 

My friend, some people do still use XP for many reasons, and while I agree it isn't a safe practice, some have no choice.

 

https://forums.malwarebytes.org/topic/189824-mbae-109-requirement-for-sse2-compatible-processors/

 

Thanks. That is my post in the Malwarebytes forum.

I will say in passing that the MBAE 1.09 updating appears not to be able to sense a non-SSE2 processor on the host computer. I have just been offered 1.09.1.1235 to update 1.08 1 2572. I have switched off the automatic update option. I have other ways of preventing this but they depend for their effectiveness on me waiting 20 seonds before I logon to my XP system. I must have been a bit quick off the mark this evening.

 

Automatic update to 1.09.1.1235 --- clear skies, a following wind, running straight and steady. (^_^)

 

MBAE on XP asked if I want to update. I said yes. Million questions from SSM and Sunbelt later it installed fine, service started, and no issues after reboot.

What is SSE2 processor? I'd like to check my XP, but how?