Malwarebytes Anti-Exploit

Discussion in 'other anti-malware software' started by ZeroVulnLabs, Oct 15, 2013.

  1. ZeroVulnLabs

    ZeroVulnLabs Developer (aka "pbust")

    Yes, MBAE currently protects Flash, Shockwave, Silverlight, Java and any other browser add-on, plugin, etc.

    Yes, MBAE protects IE, Chrome, Firefox and Opera by default if installed on the computer (and if installed at a later date).
     
  2. siketa

    siketa Registered Member

    Q asked about browser variants...Dragon, Iron, Waterfox, etc. but as far as I remember you once said Not yet.
     
  3. Q Section

    Q Section Registered Member

    Thank you, but the question is whether MBAE also recognizes and protects the browsers which are variants of Chrome and Firefox, for example SRWare Iron, Pale Moon, Waterfox and Cyberfox, all the while keeping in mind there may also be several different versions of Chrome and Firefox installed on the same computer.

    Another good question is: suppose someone installed an addon for Firefox that was actually a security breach (as some are). Will MBAE detect this every time or does it assume all installed addons are safe since they have been installed in the browser?

    Lastly will MBAE protect the browsers if perchance some older versions of Flash or Java are installed on the computer/browser (along with the current versions as well)?

    Many users have older versions of Flash, Java and other addons that are out-of-date having been replaced by newer versions that have been patched because of security breaches found in the previous version.

    To summarize: Imagine one computer that has installed (before MBAE is installed) Chrome versions 22 & 35 wherein a few versions of Flash are also installed. That same computer also may have Firefox 3.1, 20 & 27.01 along with Waterfox and Dragon each with older and current versions of Java and Flash.

    Thank you and best regards
     
    Last edited: Mar 2, 2014
  4. ZeroVulnLabs

    ZeroVulnLabs Developer (aka "pbust")

    Sorry I misread. Currently MBAE only protects the main browsers mentioned earlier (IE, FF, Chrome & Opera). But we are currently implementing the ability for you to add any browser variants or other third-party applications that you wish. It will be ready in a couple of beta versions.

    Yes, any addons that run in the browser's process space are automatically protected by MBAE.


    Yes, MBAE is version-agnostic (as well as vulnerability-agnostic and payload-agnostic). If the addon is running within the browser process space it is automatically protected by MBAE.

    With the exception of the Waterfox and Dragon browsers (which you'll be able to protect in a couple of MBAE versions) the answer is yes, MBAE will protect all those up-to-date and outdated browsers and their up-to-date or outdated addons.
     
  5. Q Section

    Q Section Registered Member

    How about malicious addons? How are they treated? Let us say they are installed in the browser before the first use of MBAE.
     
  6. ZeroVulnLabs

    ZeroVulnLabs Developer (aka "pbust")

    Depends on what the malicious addon does. If it inserts an iframe into every page which points to an exploit kit, then MBAE would block the exploit from ever running. But if the malicious addon does something different, like keylogging for example, then it is outside of the scope of MBAE. I suggest reading the MBAE FAQs for a more in-depth discussion of what MBAE is and is not:
    https://forums.malwarebytes.org/index.php?showtopic=136424
     
  7. Sampei Nihira

    Sampei Nihira Registered Member

  8. guest

    guest Guest

  9. Sampei Nihira

    Sampei Nihira Registered Member

    :thumb: ;)
     
  10. ZeroVulnLabs

    ZeroVulnLabs Developer (aka "pbust")

    No worries, everyone who helped out during the MBAE beta reporting/reproducing bugs either here or in the Malwarebytes forum will receive a license key. No limit on the number.
     
  11. Sampei Nihira

    Sampei Nihira Registered Member

  12. Hungry Man

    Hungry Man Registered Member

    For what it's worth, EMET does implement stage 2 mitigation techniques (anti-ROP). In case you want to update your FAQ. It does not implement stage 3 techniques.
     
  13. ZeroVulnLabs

    ZeroVulnLabs Developer (aka "pbust")

    Good point, fixed. Thanks.
     
  14. 93036

    93036 Registered Member

    Looking forward to using this again. I uninstalled it so that I could try out EMET, but its configuration setup can be a challenge.
     
  15. Tested latest version (0.10), less delay in protected programs startup (as 0.09), still mail programs missing (for business environment Outlook is also a threatgate, when will this be protected also) :'(
     
  16. ZeroVulnLabs

    ZeroVulnLabs Developer (aka "pbust")

    Yes, email clients are in the backlog as well.
     
  17. Rasheed187

    Rasheed187 Registered Member

    @ ZeroVulnLabs

    I've sent you a PM, about the new version. ;)
     
  18. ZeroVulnLabs

    ZeroVulnLabs Developer (aka "pbust")

    Yes, it will be released very soon.
     
  19. Rasheed187

    Rasheed187 Registered Member

    Well, that was not really the question. :D

    But nice to hear, I would really like to test it. :)

    Can you perhaps post some screenshots?
     
  20. Drew99GT

    Drew99GT Registered Member

    What will be the difference between the free and paid versions of MBAE?
     
  21. ZeroVulnLabs

    ZeroVulnLabs Developer (aka "pbust")

    GUI of the upcoming 0.10 version is practically the same as the 0.09.

    As for what the free vs paid version will have, we're not ready to say this yet. You'll be able to see it once we release a beta version of it (with the new GUI).
     
  22. ZeroVulnLabs

    ZeroVulnLabs Developer (aka "pbust")

  23. Solarlynx

    Solarlynx Registered Member

    The new 0.10.0.1000 version runs smooth so far.

    Why does mbae-svc.exe go to the Internet?
     
  24. ZeroVulnLabs

    ZeroVulnLabs Developer (aka "pbust")

  25. 800ster

    800ster Registered Member

    Looks good, installed and working fine for me so far. Nothing visibly different from the previous version... the "Shielded Applications" counter still seems to act like a random number generator!
     