Malwarebytes Anti-Exploit

anyone experienced issues with such setup with all set to max and other applications, like chrome (runs with chrome no problem), I am worried about slowdowns
also how does it compare to hitmanproAlert or excubits, is malwarebytes anti-exploit decent protection against exploits types?

 

I haven't used it for many years but when I did, all of my settings were also enabled "to the max" without any problems whatsoever. Unfortunately, I don't know whether MBAE can still be considered a "decent" security app these days. I also used HMP.A years ago but I found it too aggressive.

 

All Advanced Settings are checked. No slowdowns. Chrome, Firefox Quantum and Chrome runs as usual. No problems with Office or anything. I added shieds for Outlook 2013 and Windows Live Communications (HXOutook) and checked 'Show system tray notifications tooltips' and MABE shows that it is indeed interjecting it's DLL into both applications.

As for it being a decent protection against exploit types, well according to Malwalebytes it is. I have asked them how EXACTLY is MBAE protecting Chrome and Edge, since both of these browser now reject injecting of 'outside' DLL's, but no replies.

Robert

 

Explanation please.

Robert

 

What explanation? I wrote that I don't know whether or not MBAE can still be regarded as a decent app these days. If I knew the answer, I would tell you (and give an explanation).

 

Ok, thanks.

Robert

 

MBAE has been updated today to v1.13.1.98:
https://forums.malwarebytes.com/top...ti-exploit-113-build-98-released-aug-19-2019/

One of the things it mentions on the MWB site is "Updated shield list to include Chrome and Edge Browsers". My MBAE updated itself ~ I use it alongside the free version of MWB.

 

Thanks for the post, Marwod. At we know that MB is still improving MBAE.

Robert

 

Malwarebytes Anti-Exploit Beta 1.13 Build 117 (September 25, 2019)
https://forums.malwarebytes.com/top...i-exploit-113-build-117-released-aug-19-2019/

Download: http://downloads.malwarebytes.org/file/mbae

 

@mood -- got it. 10Q to the nth!

 

I just installed 1.13.1.117 and decided to take a look at Edge. mbae.dll is not injected into Edge, just into SYSTEM. No popup about Edge being protected. Whereas, as usual, when SeaMonkey runs, MBAE injects into SYSTEM and SeaMonkey and issues a popup that it's protecting SeaMonkey.
BTW, I never use Edge, so my observation is on a very limited use in just a few minutes.
No Chrome here to check.

 

Secrecy is an essential of security. I do not wish to know how it is done since the bad guys do wish to know that. Keep 'em guessing.

 

Just thinkin' Out Loud... Have you checked for mbae64.dll?

Over here, mbae.dll injects QuiteRSS and POP Peeper whereas Firefox, Chrome and Falcon get mbae64.dll. (For Falcon I added a browser shield for QtWebEngineProcess.exe.)

System gets both mbae.dll and mbae64.dll.

 

Good catch. No I did not check for mbae64. I just rerun Edge. Nothing injected, just mbae64.dll in SYSTEM.

 

Of course they are because it is an integral part of MBAM Premium. Development will continue as long as MBAM exists.

 

Bottom-Up ASLR Exploit Blocked in Windows XP

I never expected to see this. Bottom-Up ASLR protection is worth enabling in Windows XP.


MBAE 1.12.1.109 is in active use. Mozilla Firefox 45.9 was running inside Sandboxie 3.76 with MBAE enabled. The Firefox process was instantly terminated.

It is with deep shame and embarrassment that I must now confess that I was sneaking a crafty look at a web site showing young ladies at play in bathing costumes (and some without bathing costumes ). It would not be too surprising if an exploit was to be lurking in the midst of the data stream feeding the smut on which I was feasting my lustful gaze so I guess that it is plausible that there really was a malicious exploit that MBAE snuffed out. Thanks MBAE.

Interventions by MBAE are very rare on my Windows XP SP3 system or any other of my Windows systems for that matter. I am reassured that MBAE is prowling usefully in the backgound.

Would it be fair to say that malware developers would not expect to encounter Bottom-up ASLR protection in this venerable operating system? I don't claim to have configured the most hardened XP system extant but the battlefield is littered with mines and booby traps. There are numerous layers of defence.

 

windows xp, firefox 45 - this had to come

ofc hackers meanwhile know about, only a matter of time until MBAE fails for you and you got your data encrypted - no mercy.

 

I backup the system quite frequently. It's not safe to use for security sensitive purposes if due diligence is considered. XP is now like a classic car, taken out for a drive for pleasure. It is true to say that since the present incarnation was installed (in 2005 I think) that I yet to experience a successful intrusion. I also use OSArmor 1.4.3, Outpost Firewall Pro 9.3 configured to max settings and Panda Dome Free 18.7.04. Also DropMyRights and Comodo Memory Firewall. OK, nothing is perfect but I don't lose any sleep.

Firefox ESR 45.9 does as well as later Firefox versions in the BrowserAudit test.

It gives me modest satisfaction to safely run the hacker gauntlet astride my Windows XP steed, the hardware of which was assembled in 2002.

 

With XP there is no reason to still use Mozilla Firefox 45.9.
But if you really must, it is best to use the version developed by Roytam1:

https://github.com/roytam1/mozilla45esr

https://msfn.org/board/topic/180462-my-browser-builds-part-2/

 

Thank you for that Sampei. I will give it a try. The AMD Athlon XP 3000+ processor which my XP system uses is pre-SSE2.

 

I downloaded a nearly 400MB zip file containing Mozilla 45 ESR but was unable to open it. Please could you suggest a suitable utility that will enable me to get at the zip file contents.

 

1) Download the file (42.1 MB) in your Programs Folder:



2) Unpack the 7z file.

 

Hake,

For your XP system, you might want to take a look at the MyPal Browser:

Mypal is a current and maintained Windows XP web browser. Mypal is based on Moonchild Productions' Pale Moon code, which itself was forked from Mozilla's FireFox code several years ago, but is also maintained and kept current. The goal of Mypal is to provide a current, secure, and reliable web browser for Windows XP. Mypal operates identically to Pale Moon with some minor exceptions.

https://github.com/Feodor2/Mypal/releases

For Add-ons in MyPal, I'm currently using uBlock Origin 1.16.4.11 (and uBlock Origin Updater 1.6.6), HTTP Always 5.2.24, and NoSquint 2.2.2

I've been using it for over a month, and have been very pleased how well it runs.
... it feels "crisp" on my XP system, in contrast to other browsers which felt like they were "dragging" (as well as no longer being supported).

 

Did you need to do anything special to get MBAE and Sandboxie to play nice together?