Malwarebytes Anti-Exploit

I was wondering why my Java update always failed with a 1603, turns out to be having MBAE enabled.

 

Is this with MBAE 1.04 or with 1.05 Experimental?

 

MBAE 1.04. Uninstalled Java 7 and tried the online and offline installers of Java 8.

 

Yes that's a known issue with 1.04.

Try 1.05 in my sig link. It fixes this problem.

 

MBAE.

In the experimental build, the time to inject the DLL in latest Chrome decreased substantially, half a second faster on my PC, an improvement of over 60% making it injecting the dll way faster as comparable products.

Thx

 

Cool, thanks for noticing!

That's due to the internal engine improvements to 1.05. It might seem like just a small version increase, but the improvements in 1.05 over all previous MBAE versions is HUGE.

 

You are right, I made an error in calculation, loading time reduced from 0.82 secs to 0.33 secs. Only Chrome naked starts in 0.24 secs So the reduction is not 60% but 85%. That is really a huge improvement.

 

Updated to 1.05.3.1011 beta. Changelog? No problems so far.

 

Same changelog as 1010. Build 1011 just includes some additional fine-tuning of a couple of bug fixes.

 

Justed updated. Interesting that the setup file was intercepted by another beta software, that I am running at the same time, i.e. Crystal Security. Of course, allowed it to run.

Spoiler: screenshots

 

I'm a MBAE Premium user, and so far, very satisfied. My only concern is that is seems like "product development" is very slow - a long time between final version releases. Am I justified in that assessment or am I just being overly anxious?

 

This year we've had 6 releases so far, 2 beta (0.09 & 0.10) and 4 commercial (1.01, 1.02, 1.03 and 1.04). In addition the next commercial version 1.05 will be released before the end of month. All in all that's a total of 7 releases this year or, looking at it another way, an average of a new release every 1.7 months. That's a lot more than most other products I know of

 

They seem to pack quite a bit of enhancements/fixes into each release though, which is good to see. I imagine a lot of these enhancements/fixes are quite sophisticated as well.

 

I have been using 1.05.3.1010 for 3 days now without any problems. I also added several custom shields. I do suggest maybe giving more profiles options to choose from when adding a custom shield. You may want to consider a profile for instant messengers, and P2P applications (emule, torrent client ,etc). You may also want to give an option to browse to the executable the user wants to add as a custom shield.

 

It definitely needs a browse to exe. function.

 

Hi Pedro.
MBAE protects Firefox of the vulnerabilities of the link below:

http://www.vupen.com/blog/20140520.Advanced_Exploitation_Firefox_UaF_Pwn2Own_2014.php


(TH Paranoya) https://www.wilderssecurity.com/thre...xperience-toolkit.344631/page-34#post-2427607

 

This is great and everything for the people testing this product out. But I'm going to wait until compatibility is a simple matter of MBAE's product being added to the list of "Software Compatibility" in Sandboxie Control... there along with all the other products, hordes of AV's and whatnot. There with Comodo FW/D+ for me personally.

When that is a reality, and the product seems stable over a consistent stretch of time (which seems to be happening now actually), then I'll be ready to purchase the paid version. Even though the only thing on my entire box that qualifies as a potential vulnerability besides Firefox (which is covered by the free version) is VLC media player... which is blocked from the internet, and well restricted by both SBIE & D+... I'll buy it to support what I feel is a great product. And especially a great product for people still on XP, and/or don't like the idea of .NET Framework and the (vulnerable) attack surface and bloat it brings along with it. And so don't use EMET. I really respect them for making XP compatibility a priority even though it's EOL has passed.

 

Yes Peter2150 already requested that and it is currently being worked on for the next version.

Yes MBAE protects against that and other Firefox exploits.

 

First Norton stopped me from installing, then Voodoshield. Got it installed though. I had the paid version, now about shows experimental version. When this version runs out can I add my Lic key back to the released version?

Thanks

 

TH Pedro.
On a 32-bit OS is better to use the 1.04 (Premium) or the Experimental Version?

 

Probably FPs due to the digital signature of the Experimental builds which are ZeroVulnerabilityLabs instead of Malwarebytes signature. As for the license key, nothing to worry about. You can install the release version on top of the Experimental and it will automatically pickup your Premium license. Even if it doesn't you can re-activate it again easily.

Experimental 1.05 includes MANY internal, performance and compatibility improvements, as well as a whole lot of new exploit mitigations. Also it is very stable according to our own tests and feedback from beta testers here and in our own forum.

 

Since I can't run any of my Java apps, the increased performance and compatibility sure is attractive. I'll bite.

*Actually, even with the experimental, I still get error code 1603 when installing Java 8 when MBAE is enabled. Plus, none of my Java programs will run without disabling MBAE.

 

I know it doesn't "need" to be, but it would make me feel a lot better/more confident in it if it was. I didn't have to add any lines of code to get it to play nicely with Comodo FW... I don't want... shouldn't have to for it to play well with MBAE.

And most people aren't like us. They won't have the ability nor the inclination to add code into their security products to get them to function properly.

 

Any chance 1.05 will be compatible with both SBIE and HMPA?