Mission impossible? Malwarebytes invents software that blocks zero-day attacks

Discussion in 'other anti-malware software' started by ronjor, Jun 13, 2014.

  1. Syobon

    Syobon Registered Member

    Joined:
    Dec 27, 2009
    Posts:
    469
    EMET does protect JAVA (and Acrobat, Office, IE); several Java executables are protected by default here on EMET 4.1...
    unless the protection you are talking about is at a different level than EMET
     
  2. ZeroVulnLabs

    ZeroVulnLabs Developer (aka "pbust")

    Joined:
    Mar 5, 2012
    Posts:
    1,189
    Location:
    USA
    You can add Java to EMET, but that doesn't mean it'll protect against sandbox escapes.
     
  3. Sampei Nihira

    Sampei Nihira Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    3,345
    Location:
    Italy
  4. Gullible Jones

    Gullible Jones Registered Member

    Joined:
    May 16, 2013
    Posts:
    1,466
    @Sampei Nihira: in enterprise situations it's often unavoidable. A lot of companies still use Java applets for vitally important stuff, including Java applets that require direct access to data on the client OS.

    ("It works fine, why should we change?")

    That said, I'd rather hope that Bromium is not The Future Of Client Security, just given the scare marketing in the above blog entry. People in this business need to clean up their act really badly - even the ones with products that actually work.
     
  5. Gullible Jones

    Gullible Jones Registered Member

    Joined:
    May 16, 2013
    Posts:
    1,466
    ... On which note, the description on the MBAE page ("Malwarebytes Anti-Exploit is a small, specialized shield designed to protect you against one of the most dangerous forms of malware attacks") kind of impresses me for being relatively understated. Someone seems to get the picture, all talk about the product itself aside.
     
  6. Enigm

    Enigm Registered Member

    Joined:
    Dec 11, 2008
    Posts:
    188

    Please stop telling people what they can and can not say in your little advertising-thread ..
    This is not an 'invention', it's yet another stupid resource-hogging 'security-app' that makes people think they can deposit their brain somewhere and keep on behaving like fools when on-line .
    If you are so paranoid, stupid and/or just can't help yourself from visiting shady sites : Use a Live-CD, don't do it from your windblows admin-account !
     
  7. vojta

    vojta Registered Member

    Joined:
    Feb 26, 2010
    Posts:
    830
    Do you know what is the difference between these two posts? Facts and years of work.
     
  8. Leaving the insults for what they are: Enigm are you sure you decrypted the right brain section when you wrote this?

    I have some problem trying to understand your logic:
    • Interpreting it literally
      Including an AND OR NOT in an IF-condition results in an always "true" logic error. No use arguing this faulty logic.

    • Interpreting it figuratively
      When none of these three conditions apply: your "case" logic runs into a condition drop through. Which might lead to arbitrary code execution, which MBAE tries to protect you against when you accidentally (like you now) run into these conditions. The boot from live CD is a non-option for most ordinary PC users, since they are probably unaware they will be facing exploit-kits on a website. Research shows that most website owners don't even know they have been exploited, so how could website visitors know?

    This cryptic remark I do understand. So when MalwareBytes Anti-Exploit is able to influence how people think, deposit their brains and make them behave like fools, we better call it MadwareBytes Anti-Exploit then

    Regards Kees
     
    Last edited by a moderator: Jun 29, 2014
  9. clubhouse1

    clubhouse1 Registered Member

    Joined:
    Sep 26, 2013
    Posts:
    1,124
    Location:
    UK

    And this is why it's preferable to all the 'bells and whistles' security apps the *experts* love to argue over.
     
  10. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,546
    Location:
    The Netherlands
    Can you explain yourself, I don't get what you're trying to say. :)

    They already got hammered in a report from Invincea: http://www.invincea.com/2014/05/tech-throwdown-micro-virtualization/
     
  11. CoolWebSearch

    CoolWebSearch Registered Member

    Joined:
    Sep 30, 2007
    Posts:
    1,247
    I saw nothing in that report mentioning Sandboxie and the limitations and vulnerabilities that Bromium Labs claimed SBIE possesses.
     
  12. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,546
    Location:
    The Netherlands
    No, but as you can read in the report, Invincea claims that sandboxing is a much better solution than Bromium's approach. Of course they published this report because of Bromium's constant attack on sandboxing. But it's really an interesting battle when it comes to the anti-exploit market, I wonder how well Malwarebytes will do. :)
     
  13. CoolWebSearch

    CoolWebSearch Registered Member

    Joined:
    Sep 30, 2007
    Posts:
    1,247
    Will Sandboxie 4.12 and Sandboxie beta 4.13.4 protect against these memory executions?
    Does the latest version of DefenseWall protect against memory executions?
     
    Last edited: Sep 27, 2014
  14. CoolWebSearch

    CoolWebSearch Registered Member

    Joined:
    Sep 30, 2007
    Posts:
    1,247
    What about the latest versions of EMET and AppGuard?
     
  15. As said can't find it anymore, did not test it myself
     
  16. As far as I know they do offer the known protection against memory misuse, but again as far as I know, not specifically against memory buffer overflows. But maybe the developers of SBIE/DW can help you with this question
     