Malwarebytes Anti-Exploit

Discussion in 'other anti-malware software' started by ZeroVulnLabs, Oct 15, 2013.

  1. Gandalf_The_Grey

    Gandalf_The_Grey Registered Member

    Joined:
    Jan 31, 2012
    Posts:
    1,197
    Location:
    The Netherlands
  2. haakon

    haakon Guest

    Now, that is just downright confusing. o_O

    That info about .1189 was posted up on August 13.

    But
    https://www.malwarebytes.org/antiexploit/
    and
    https://www.malwarebytes.org/antiexploit/premium/
    show the version as 1.08.1.1045
    which according to
    https://www.malwarebytes.org/support/releasehistory/
    was released... November 23??
     
  3. Brummelchen

    Brummelchen Registered Member

    Joined:
    Jan 3, 2009
    Posts:
    5,954
    files inside are from 29.01.2016 (DD.MM.YYYY) - brand new
     
  4. ZeroVulnLabs

    ZeroVulnLabs Developer (aka "pbust")

    Joined:
    Mar 5, 2012
    Posts:
    1,189
    Location:
    USA
    We've just posted the auto-upgrade to build 1189. Your MBAE should auto-upgrade over the next few hours/days.
    The new downloads link will be updated shortly.

    As for the post being from August 13, it is true, but it gets edited often to point to newer builds. The 1189 version is a hotfix to 1045 and intermediate builds were for testing the hotfix.

    Changelog of 1189 over 1045 is as follows:

    Fixes:
    • Improve fingerprinting detection
    • Improve Layer1 stability
    • Fix for Windows 10 injection bug
    • Fix for Chrome 64bits protection
    • Fix for BitDefender bug causing conflicts
    • Fix false positive condition in Java shield
    • Fix potential memory leak condition
     
  5. G1111

    G1111 Registered Member

    Joined:
    May 11, 2005
    Posts:
    2,294
    Location:
    USA
    Updated. Running smooth.
     
  6. LagerX

    LagerX Registered Member

    Joined:
    Apr 16, 2008
    Posts:
    565
    Auto-upgrade happened here too. Did not even notice it (y)! :)
     
  7. Mr.X

    Mr.X Registered Member

    Joined:
    Aug 10, 2013
    Posts:
    4,833
    Location:
    .
    I had "Automatically upgrade to new versions" box unchecked then suddenly MBAE "automagically" (lol) upgraded this morning when it wasn't supposed to do so.
    Needless to say didn't like it at all.
    I always want to have full control of such tasks, just like upgrading my software. The mentioned box remained unmarked after upgrade though.
     
  8. CHEFKOCH

    CHEFKOCH Registered Member

    Joined:
    Aug 29, 2014
    Posts:
    395
    Location:
    Swiss
    Got the silent update today (1.08.1.1189), now everything works well on my end. Thanks, now let's see under real-world tests. :shifty:
     
  9. SIR****TMG

    SIR****TMG Registered Member

    Joined:
    May 31, 2004
    Posts:
    833
    All three updated auto,with no problems
     
  10. haakon

    haakon Guest

    Strange.

    I also have the "Automatically upgrade to new versions" box unchecked on all three of my systems (two Premium and one Free).

    For all, a dialogue popped open with OK and Cancel choices for "Do you want to upgrade automatically...?"

    And a check box for "Always upgrade automatically and transparently." Checked by default, I uncheck.

    All upgraded smoothly and without issue after selecting OK.
     
  11. ZeroVulnLabs

    ZeroVulnLabs Developer (aka "pbust")

    Joined:
    Mar 5, 2012
    Posts:
    1,189
    Location:
    USA
    Hmm, that's weird. The expected behavior is the following:
    1. If checkbox is enabled, MBAE automatically upgrades when it finds a new version online.
    2. If checkbox is disabled, when MBAE detects a new version is available, it shows a dialogbox prompting the user to accept/cancel the upgrade. This dialogbox has a checkbox for "automatically upgrade always".
      • If the user cancels the upgrade, nothing happens
      • If the user accepts the upgrade but unchecks the checkbox in dialogbox, MBAE upgrades itself but Settings auto-upgrades remain disabled.
      • If the user accepts the upgrade and leaves checkbox checked in dialogbox, MBAE upgrades itself and changes Settings auto-upgrades to enabled.

    If you experienced something different please send me a ZIP with your MBAE logs to see if this is in fact a bug.
     
  12. Mr.X

    Mr.X Registered Member

    Joined:
    Aug 10, 2013
    Posts:
    4,833
    Location:
    .
    Thanks Pedro. I experienced bullet 2 so know I understand what happened, thanks again.
     
  13. Dragon1952

    Dragon1952 Registered Member

    Joined:
    Sep 16, 2012
    Posts:
    2,471
    Location:
    Hollow Earth - Telos
    1189 seems to work better so far on w7 64 and chrome 64 browser. My sub ran out a few months ago after 12 months but the GUI still says Premium.
     
  14. anon

    anon Registered Member

    Joined:
    Dec 27, 2012
    Posts:
    8,039
    I'm using MBAE without problems since long time ago.

    After the upgrade (from 1.08.1.1045 to the latest version 1.08.1.1189), I'm facing problems with MBAE/Adobe Reader:
    I can't open any PDF file because Adobe Reader crashes -> a black sreen appears (abt 1 second) -> MBAE missing its icon from the taskbar (MBAE services are running).

    In order to run normally the MBAE/Adobe Reader, I left the Adobe Reader shield deactivated.

    OS: Windows 10 Pro x64 (Version 1511 - Build 10586.71)
     
  15. ZeroVulnLabs

    ZeroVulnLabs Developer (aka "pbust")

    Joined:
    Mar 5, 2012
    Posts:
    1,189
    Location:
    USA
  16. anon

    anon Registered Member

    Joined:
    Dec 27, 2012
    Posts:
    8,039
  17. anon

    anon Registered Member

    Joined:
    Dec 27, 2012
    Posts:
    8,039
    I spoke too soon.....
    Same problem again, same workaround: Adobe Reader shield deactivated.
     
  18. ZeroVulnLabs

    ZeroVulnLabs Developer (aka "pbust")

    Joined:
    Mar 5, 2012
    Posts:
    1,189
    Location:
    USA
    What is your exact Acrobat version? Does it happen with a specific PDF or any PDF file?
     
  19. anon

    anon Registered Member

    Joined:
    Dec 27, 2012
    Posts:
    8,039
    a) Adobe Reader XI, v11.0.14
    b) It happen with any PDF file.

    It happen with Adobe Reader "Protected View" enabled or disabled.
    No problems till MBAE 1.08.1.1188
     
    Last edited: Feb 8, 2016
  20. ZeroVulnLabs

    ZeroVulnLabs Developer (aka "pbust")

    Joined:
    Mar 5, 2012
    Posts:
    1,189
    Location:
    USA
    Thanks, we will try to repro.
     
  21. anon

    anon Registered Member

    Joined:
    Dec 27, 2012
    Posts:
    8,039
    Back to 1.08.1.1045.
    All shields (including Adobe Reader) activated, no problems.
     
    Last edited: Feb 9, 2016
  22. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,738
    Is this normal behaviour? Latest version of MBAE and Windows 10 64-bit. Not that I'll be watching Blu-rays often, but before I added the shield it seemed to work fine.
     

    Attached Files:

  23. ZeroVulnLabs

    ZeroVulnLabs Developer (aka "pbust")

    Joined:
    Mar 5, 2012
    Posts:
    1,189
    Location:
    USA
    Tried replicating under same environment but couldn't. Anybody else experiencing this problem?

    Might happen with some players or plugins that have obfuscation for protection of media files.
     
  24. anon

    anon Registered Member

    Joined:
    Dec 27, 2012
    Posts:
    8,039
    fyi:
    Version 1.08.1.1189 re-installed and tested once again:
    Further to the Adobe Reader bug, new weird things started:
    I hover the mouse over any installer
    (i.e.: mbam-setup-consumer-2.2.0.1024, mbam-setup-majorgeeks-2.2.0.1024, aida64extreme560) as soon as I hit the right click=
    A black screen appears (abt 1 second) -> MBAE missing its icon from the taskbar, MBAE services are still running, see also the attached screenshot 1.
    MBAE tested with mbae-test and still working screenshot 2.

    Reboot and MBAE icon appears in taskbar again.
    I hover the mouse over any installer and hit the right click:
    Sometimes nothing happen, sometimes the above mentioned bug appears.
     

    Attached Files:

    Last edited: Feb 9, 2016
  25. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,738
    Hmm, OK. Hopefully there won't be some Blu-ray rootkit not just for games... Now that'll be an exploit since videos aren't meant to be executable.
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.