Malwarebytes Anti-Exploit

One thing doesn't preclude the other, we can disagree and still go out and have fun. We just had a fun night in Amsterdam with HMPA guys years ago

 

It's been a long time, almost 6 years? Nice to hear from you!

 

Yes of course, as long as you guys keep each other on your toes when it comes to developing the best anti-exploit tools, why not LOL. And I've read that Malwarebytes is getting better and better, it performed quite good in the latest MRG Effitas test, also when it came to blocking ransomware and exploit attacks. BTW, make sure that MBAE also supports the newest browsers out of the box, like Brave and Vivaldi. Besides Edge, Firefox, Chrome and Opera of course.

 

Application Behaviour Protection for MS Office

Protection for Office VBE7 Object Abuse does not remain enabled on some installations of MBAE.

Some installations of MBAE 1.13.1.443 (and recent previous versions) allow this protection to be consistently enabled but others, for no apparent reason, disable it even after it has been specifically enabled by the user. Does anyone have any suggestions about why this could be?

Protection for Office VBE7 Process Abuse is always enabled unless specifically disabled.

 

Malwarebytes Anti-Exploit Beta 1.13.1.474
https://www.majorgeeks.com/files/details/malwarebytes_anti_exploit_(formerly_exploitshield).html

 

Malwarebytes Anti-Exploit Beta 1.13.1.476
https://www.majorgeeks.com/files/details/malwarebytes_anti_exploit_(formerly_exploitshield).html

Download: https://downloads.malwarebytes.org/file/mbae

 

MBAE 1.13.1.476 will not download and install automatically. I think I found the download in the windows\temp folder but had to install it manually.

The Malwarebytes forum does not mention version 1.13.1.476. What is going on? The new version seems to work OK. There are some useful enhancements in it.

 

Announced few hours ago =

https://forums.malwarebytes.com/top...ti-exploit-113-build-476-released-may-3-2022/

 

Malwarebytes Anti-Exploit Beta 1.13.1.481
May 18, 2022

Download: https://downloads.malwarebytes.org/file/mbae

Edit:
Also here=
https://forums.malwarebytes.com/top...i-exploit-113-build-481-released-may-18-2022/

 

Automatic installation now seems to work.

 

I ran this for several years before uninstalling it. I can't quite remember why but I think it was because I also run VoodooShield which also should prevent exploits. Anyone know if I can safely carry on without MBAE?

 

windows 10 defender has an anti-exploit module, so i dont care about others.

 

MBAE works in a different way than VS, it tries to block exploits in an earlier stage. But in practice a tool like VS will also block most if not all exploit attacks, since it simply blocks the payload/malware from running. Tools like EXE Radar and OSArmor do the same as VS. Apparently AppCheck also blocks exploit, but I'm not sure how it works, most likely it works like VS. So long story short, tools like MBAE and Hitman.Pro Alert are the most advanced anti-exploit tools.

 

Thanks for the detailed explanation Rasheed. i've installed MBAE again. Better safe than sorry!

 

Yes, if it doesn't give you any problems why not. I can't remember why I uninstalled it months ago, I believe it's because Vivaldi was acting a bit weird, but I'm not sure if it was MBAE that was causing the problem. I think it was probably AppCheck or KeyScrambler.

 

Malwarebytes Anti-Exploit Beta 1.13.1.494
June 28, 2022
https://forums.malwarebytes.com/top...-exploit-113-build-494-released-june-28-2022/

Download: https://downloads.malwarebytes.org/file/mbae

 

Malwarebytes Anti-Exploit Beta 1.13.1.516
Nov 17, 2022
https://forums.malwarebytes.com/top...i-exploit-113-build-516-released-nov-17-2022/

https://www.majorgeeks.com/files/details/malwarebytes_anti_exploit_(formerly_exploitshield).html

Download: https://downloads.malwarebytes.org/file/mbae

 

Malwarebytes Anti-Exploit Beta 1.13.1.521
Jan 26, 2023
https://forums.malwarebytes.com/top...i-exploit-113-build-516-released-nov-17-2022/

https://www.majorgeeks.com/files/details/malwarebytes_anti_exploit_(formerly_exploitshield).html

Download: https://downloads.malwarebytes.org/file/mbae

 

Just decided to reinstall on this Windows 10 Pro laptop, after my Surface Book laptop failed back in May 2021.

I had forgotten about MBAE.

 

Just updated to v1.13.1.543

 

Malwarebytes Anti-Exploit 1.13.1.543

Stability/issues fixed:

• Fixed issues with Chrome browser
• Fixed false positives with WMI abuse protection
• Fixed false positives with MS Office products
• Fixed issues adding custom shields
• Improved Logging capabilities
• Internal Product Improvements

https://forums.malwarebytes.com/top...ti-exploit-113-build-543-released-may-4-2023/

 

Just updated my version:

Malwarebytes Anti-Exploit 1.13.1.551
Protection:

• New protection technique to block exploits from abusing MS Office and scripting applications
• New technique to protect MS Office applications from loading points abuse attacks
• New technique to protect MS Office applications from batch command abuse attacks
• New granular protection against VBA7 process and VBE7 object abuse
• New protection for email clients against scripting applications abuse attacks
• New protection to protect MS Office applications from macro 4.0 abuse attacks

Stability/issues fixed:
• Fixed slowdown issues with MS Excel application
• Disabled Java shield by default
• Improved Logging capabilities
• Internal Product Improvements

 

Malwarebytes Anti-Exploit BETA 1.3.1.558 has been published. (19-September-2023)

Autoupdate but Download & Release Notes: https://forums.malwarebytes.com/top...i-exploit-113-build-558-released-sep-20-2023/

 

Does anyone know why Vivaldi isn't added to the protection-list by default? In other words, you will have to add it yourself, perhaps anyone can ask about this on their forum.

 

Hello @Rasheed187

Without asking Malwarebytes' AE/MBAE's Technical Product Manager, I feel she would tell us that several hundred browsers are vying for market share and keeping that type of DB current would be a never-ending chore. Chrome is going to lead for a long time.

If you feel the need to pursue this further, please open a topic in the Malwarebytes' AE Beta sub-forum.

Thank you.