Malwarebytes Anti-Exploit

Discussion in 'other anti-malware software' started by ZeroVulnLabs, Oct 15, 2013.

  1. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,738
    I was wondering why my Java update always failed with a 1603, turns out to be having MBAE enabled.
     
  2. ZeroVulnLabs

    ZeroVulnLabs Developer (aka "pbust")

    Joined:
    Mar 5, 2012
    Posts:
    1,189
    Location:
    USA
    Is this with MBAE 1.04 or with 1.05 Experimental?
     
  3. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,738
    MBAE 1.04. Uninstalled Java 7 and tried the online and offline installers of Java 8.
     
  4. ZeroVulnLabs

    ZeroVulnLabs Developer (aka "pbust")

    Joined:
    Mar 5, 2012
    Posts:
    1,189
    Location:
    USA
    Yes that's a known issue with 1.04.

    Try 1.05 in my sig link. It fixes this problem.
     
  5. MBAE.

    In the experimental build, the time to inject the DLL in latest Chrome decreased substantially, half a second faster on my PC, an improvement of over 60% :thumb: making it injecting the dll way faster as comparable products.

    Thx
     
  6. ZeroVulnLabs

    ZeroVulnLabs Developer (aka "pbust")

    Joined:
    Mar 5, 2012
    Posts:
    1,189
    Location:
    USA
    Cool, thanks for noticing!

    That's due to the internal engine improvements to 1.05. It might seem like just a small version increase, but the improvements in 1.05 over all previous MBAE versions is HUGE.
     
  7. You are right, I made an error in calculation, loading time reduced from 0.82 secs to 0.33 secs. Only Chrome naked starts in 0.24 secs So the reduction is not 60% but 85%. That is really a huge improvement.
     
  8. G1111

    G1111 Registered Member

    Joined:
    May 11, 2005
    Posts:
    2,273
    Location:
    USA
    Updated to 1.05.3.1011 beta. Changelog? No problems so far.
     
  9. ZeroVulnLabs

    ZeroVulnLabs Developer (aka "pbust")

    Joined:
    Mar 5, 2012
    Posts:
    1,189
    Location:
    USA
    Same changelog as 1010. Build 1011 just includes some additional fine-tuning of a couple of bug fixes.
     
  10. Tarnak

    Tarnak Registered Member

    Joined:
    Feb 5, 2007
    Posts:
    4,979
    Justed updated. Interesting that the setup file was intercepted by another beta software, that I am running at the same time, i.e. Crystal Security. Of course, allowed it to run. ;)

    ScreenShot_CS_MBAE_v1.0.3.1011 experimental setup_01.gif ScreenShot_CS_MBAE_v1.0.3.1011 experimental setup_02.gif
     
  11. TomAZ

    TomAZ Registered Member

    Joined:
    Feb 27, 2010
    Posts:
    1,131
    Location:
    USA
    I'm a MBAE Premium user, and so far, very satisfied. My only concern is that is seems like "product development" is very slow - a long time between final version releases. Am I justified in that assessment or am I just being overly anxious?
     
  12. ZeroVulnLabs

    ZeroVulnLabs Developer (aka "pbust")

    Joined:
    Mar 5, 2012
    Posts:
    1,189
    Location:
    USA
    This year we've had 6 releases so far, 2 beta (0.09 & 0.10) and 4 commercial (1.01, 1.02, 1.03 and 1.04). In addition the next commercial version 1.05 will be released before the end of month. All in all that's a total of 7 releases this year or, looking at it another way, an average of a new release every 1.7 months. That's a lot more than most other products I know of ;)
     
  13. WildByDesign

    WildByDesign Registered Member

    Joined:
    Sep 24, 2013
    Posts:
    2,587
    Location:
    Toronto, Canada
    They seem to pack quite a bit of enhancements/fixes into each release though, which is good to see. I imagine a lot of these enhancements/fixes are quite sophisticated as well.
     
  14. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    5,654
    Location:
    USA
    I have been using 1.05.3.1010 for 3 days now without any problems. I also added several custom shields. I do suggest maybe giving more profiles options to choose from when adding a custom shield. You may want to consider a profile for instant messengers, and P2P applications (emule, torrent client ,etc). You may also want to give an option to browse to the executable the user wants to add as a custom shield.
     
    Last edited: Nov 15, 2014
  15. clubhouse1

    clubhouse1 Registered Member

    Joined:
    Sep 26, 2013
    Posts:
    1,124
    Location:
    UK
    It definitely needs a browse to exe. function.
     
  16. Sampei Nihira

    Sampei Nihira Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    2,301
    Location:
    Italy
  17. luciddream

    luciddream Registered Member

    Joined:
    Mar 22, 2007
    Posts:
    2,545
    This is great and everything for the people testing this product out. But I'm going to wait until compatibility is a simple matter of MBAE's product being added to the list of "Software Compatibility" in Sandboxie Control... there along with all the other products, hordes of AV's and whatnot. There with Comodo FW/D+ for me personally.

    When that is a reality, and the product seems stable over a consistent stretch of time (which seems to be happening now actually), then I'll be ready to purchase the paid version. Even though the only thing on my entire box that qualifies as a potential vulnerability besides Firefox (which is covered by the free version) is VLC media player... which is blocked from the internet, and well restricted by both SBIE & D+... I'll buy it to support what I feel is a great product. And especially a great product for people still on XP, and/or don't like the idea of .NET Framework and the (vulnerable) attack surface and bloat it brings along with it. And so don't use EMET. I really respect them for making XP compatibility a priority even though it's EOL has passed.
     
  18. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    It doesn't need to be added to the compatibility list. Hitman Pro Alert isn't on the compatibility list, and all it took was adding one line to the settings in SBIE. MBAE just needs to spend a bit of time on it.
     
  19. ZeroVulnLabs

    ZeroVulnLabs Developer (aka "pbust")

    Joined:
    Mar 5, 2012
    Posts:
    1,189
    Location:
    USA
    Yes Peter2150 already requested that and it is currently being worked on for the next version.

    Yes MBAE protects against that and other Firefox exploits.
     
  20. controler

    controler Guest

    First Norton stopped me from installing, then Voodoshield. Got it installed though. I had the paid version, now about shows experimental version. When this version runs out can I add my Lic key back to the released version?

    Thanks
     
  21. Sampei Nihira

    Sampei Nihira Registered Member

    Joined:
    Apr 7, 2013
    Posts:
    2,301
    Location:
    Italy
    TH Pedro.
    On a 32-bit OS is better to use the 1.04 (Premium) or the Experimental Version?
     
  22. ZeroVulnLabs

    ZeroVulnLabs Developer (aka "pbust")

    Joined:
    Mar 5, 2012
    Posts:
    1,189
    Location:
    USA
    Probably FPs due to the digital signature of the Experimental builds which are ZeroVulnerabilityLabs instead of Malwarebytes signature. As for the license key, nothing to worry about. You can install the release version on top of the Experimental and it will automatically pickup your Premium license. Even if it doesn't you can re-activate it again easily.

    Experimental 1.05 includes MANY internal, performance and compatibility improvements, as well as a whole lot of new exploit mitigations. Also it is very stable according to our own tests and feedback from beta testers here and in our own forum.
     
  23. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,738
    Since I can't run any of my Java apps, the increased performance and compatibility sure is attractive. I'll bite.

    *Actually, even with the experimental, I still get error code 1603 when installing Java 8 when MBAE is enabled. Plus, none of my Java programs will run without disabling MBAE.
     
    Last edited: Nov 16, 2014
  24. luciddream

    luciddream Registered Member

    Joined:
    Mar 22, 2007
    Posts:
    2,545
    I know it doesn't "need" to be, but it would make me feel a lot better/more confident in it if it was. I didn't have to add any lines of code to get it to play nicely with Comodo FW... I don't want... shouldn't have to for it to play well with MBAE.

    And most people aren't like us. They won't have the ability nor the inclination to add code into their security products to get them to function properly.
     
  25. TomAZ

    TomAZ Registered Member

    Joined:
    Feb 27, 2010
    Posts:
    1,131
    Location:
    USA
    Any chance 1.05 will be compatible with both SBIE and HMPA?
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.