Malwarebytes Anti-Exploit

Updated how? I thought protection of Chrome was now impossible?

 

I don't want Malwarebytes to tell every black hat hacker about their new Chrome and Edge protections. I trust Pedro and his team.

 

Google Chrome 72.0.3626.121 closes critical vulnerability

https://borncity.com/win/2019/03/07/google-chrome-72-0-3626-121-closes-critical-vulnerability/#more-8824

Arrogant Google locks out MBAE and yet still perpetrates its own vulnerabilities. If ever there was evidence that a devil's advocate is needed for Chrome, this is it. Google cannot be trusted to ensure its unaided protection of the security of its own users. Google aids and abets hackers to do their insidious work silently and with impunity. Of course we cannot know if MBAE would have detected the exploits because Google excluded it.

 

As far as I know, MBAE is still functional for Iridium chromium-based browser, correct?

 

I have Vivaldi (1.15... bit out of date?). It uses chromium stuff. MBAE, the latest, works fine.

Edit: I just run Vivaldi 2.3.1440.60 64bit installer so I'm up to date. Few sites are open. Process explorer sees 10 Vivaldi processes and 10 mbae64.dll injections. So it is still working.

 

Hi,

Revisiting MBAE since MBAE has this ongoing permanent beta. I have moved on to configuring MS Defender Exploit Protection to protect additional exe's. More knobs is a better thing, right ?

Question, does MBAE provide more kinds of anti-exploit protection than what MS EP has? Should I configure both MS EP and MBAE to protect a executable?

 

Mozilla states that Firefox ESR will not block DLL injections until 2020.

 

MBAE 1.13 Build 60 - Latest experimental build - April 8, 2019
https://forums.malwarebytes.com/top...ld-60-latest-experimental-build-april-8-2019/

 

thx, i got stuck with 1.12 here.

 

1.13.1.60 Beta

We know what you meant.

Thank you always!

 

Thanks for the heads up.

 

From 1.13.1.60 to 1.13.1.63 via auto update.

Edit:
Malwarebytes Anti-Exploit 1.13 Build 63 released - April 22, 2019
https://forums.malwarebytes.com/top...-exploit-113-build-63-released-april-22-2019/
-----
Changelog: The same as v1.13.1.60

 

https://forums.malwarebytes.com/topic/246376-issues-with-113163-and-chrome/

 

Does anyone know -- whether MBAE handles CSS Exfil attacks? it's a method that bad guys use to steal data from web pages using Cascading Style Sheets.

 

If not, check this out in case you haven't already seen it:
https://www.mike-gualtieri.com/css-exfil-vulnerability-tester

 

Hooboy.. I failed the test even tho MBAE is installed. I got the FF add-on to protect, then passed the test. This add-on has zero discernible effect on speed of FF -- it's as perky as ever.

Thank you very much for this wise counsel!

 

Can you enable all MBAE mitigations for Firefox?

 

As far as I know, MBAE has no mitigation settings to be enabled, other than logging protection events.

 

On XP I use an old version and haven't seen any posts suggesting that a newer MBAE now works. Any ideas?

 

Don't know what you mean by "all". If you mean is it protected the answer is yes. MBAE injects its DLL into browsers.

 

I mean the mitigations in the advance setting
https://forums.malwarebytes.com/top...ttings-in-mbae/?do=findComment&comment=980867

 

It works the dll is regularly injected into my New Moon.
I personally use version 1.12.1.90 for the reason described:

https://forums.malwarebytes.com/topic/234884-the-system-tray-icon-appears-with-excessive-delay-107109-on-windows-xp/

I think it is not good to use too recent versions with Windows XP.
Because probably any changes have certainly not been tested in this Operating System.

 

That link is ~4 years old. I've been using MBAE at least that long, probably longer. All of my settings were enabled "to the max" from the get-go. I just checked them again. They still are at max (i.e., every check box in "advanced settings" has an X in it).

Sorry I didn't catch what you meant -- pbust has his own unique way of putting things. No offense, but "mitigations" is not a word I hear every day except in the context of hospitals (pain relief) or mortuaries (grief assuagement). But... live & learn, I always say.

 

I am using MBAE 1.12.1.109 without problems with Windows XP SP3. The MBAE service and UI starts reliably with my AMD Athlon XP 3000+ powered system. I notice that all Advanced Settings remain as I set them whereas version 1.12.1.90 loses some like the RET ROP gadget detections and the MSOffice Memory Patch Hijacking Protection at each startup. Windows XP cannot run MSOffice 2010 so presumably it is beneficial to use MBAE 1.12.1.109. This version seems to be the last to be released before the Google Chrome changes.

 

Thank you much. I use the same version. Thanks for the wise advice. I sort of thought that kind of thing as well, but don't want to fall behind if I miss reading this thread which at some point might contain info about a well working MBAE for XP.