ZeroVulnerabilityLabs ExploitShield

Discussion in 'other anti-malware software' started by sbwhiteman, Sep 28, 2012.

Thread Status:
Not open for further replies.
  1. ZeroVulnLabs

    ZeroVulnLabs Developer (aka "pbust")

    Joined:
    Mar 5, 2012
    Posts:
    1,189
    Location:
    USA
    The issue you are seeing with the "shielded apps" counter is known:
    http://www.zerovulnerabilitylabs.com/forum/viewtopic.php?f=2&t=22

    Only Acrobat/Reader and Foxit are supported PDF readers.

    No support for browser outside of the ones mentioned in the "Shields" tab of the GUI.

    Yes the right-click behaviour minimizes the GUI to traybar, it's by design.

    Thanks for testing! ;)
     
  2. berryracer

    berryracer Suspended Member

    Joined:
    Jan 24, 2008
    Posts:
    1,640
    Location:
    Dubai, UAE
    1) Will this conflict with my current AV by any chance? (BullGuard Internet Security 2013)

    2) I am not to keen on installing a BETA 0.7 :(
     
  3. Baedric

    Baedric Registered Member

    Joined:
    Apr 14, 2006
    Posts:
    163
    I wouldn't install it unless I were planning on Beta testing it, although it does look promising!
     
  4. ELWIS1

    ELWIS1 Registered Member

    Joined:
    Sep 29, 2010
    Posts:
    60
    I see that the free version (browser edition) is protected mostly java, pdf and flash player.
    IF the program protects against exploits java script in some way?
     
  5. harshisthere

    harshisthere Registered Member

    Joined:
    Aug 8, 2011
    Posts:
    84
    can the developer verify if ES protects the beta version of java that is Java 8 build 59 available in openjdk.java.net

    Is it safe to use beta version of java?
     
  6. GrammatonCleric

    GrammatonCleric Registered Member

    Joined:
    Jan 8, 2009
    Posts:
    372
    here you go. Still as of now, it's being blocked.

    http://imgur.com/j9ixM
     
  7. CloneRanger

    CloneRanger Registered Member

    Joined:
    Jan 4, 2006
    Posts:
    4,979
    @ GrammatonCleric

    Thanks for the screenie :thumb: Pity you had to blank out the interesting bits ;)
     
  8. GrammatonCleric

    GrammatonCleric Registered Member

    Joined:
    Jan 8, 2009
    Posts:
    372
    Yeah I like to keep my job. :)

    Besides I don't want to give out an exact example so it won't be copied and used for spearphising e-mails.
     
  9. nikanthpromod

    nikanthpromod Registered Member

    Joined:
    Oct 9, 2009
    Posts:
    1,369
    Location:
    India
    currently using this.. no issues so far:)
     
  10. harshisthere

    harshisthere Registered Member

    Joined:
    Aug 8, 2011
    Posts:
    84
    Has anyone tested Kaspersky Anitvirus 2013 which comes with a similar feature call Automatic Exploit Prevention, can someone do test and tell how does it compare with exploitshield?
     
  11. pajenn

    pajenn Registered Member

    Joined:
    Oct 26, 2009
    Posts:
    930
    i tried ExplotShield for several weeks, but decided to uninstall it because it was interfering with my legitimate internet use.

    here's one example: i tried to sign in to a university site using my online banking creditials for ID (a common practice in my country). ExploitShield stopped the Java dll launch that handles the bank sign-in and "protected" me from verifying my identity for this legitimate service (until I killed it).

    fwiw, i'm in Europe. maybe ExploitShield is better suited for US customers.
     
  12. Victek

    Victek Registered Member

    Joined:
    Nov 30, 2007
    Posts:
    6,089
    Location:
    USA
    The vendor might have been able to help you sort that out. Another option would have been to just turn off ExploitShield (ES) when visiting that site until the problem is fixed (perhaps in the next beta).
     
  13. ZeroVulnLabs

    ZeroVulnLabs Developer (aka "pbust")

    Joined:
    Mar 5, 2012
    Posts:
    1,189
    Location:
    USA
    We are working on a fix for those types of problems for beta2 (version 0.:cool:.
     
    Last edited by a moderator: Oct 22, 2012
  14. The Red Moon

    The Red Moon Registered Member

    Joined:
    May 17, 2012
    Posts:
    4,051
    Is there a free 64bit version planned at all please.?
    Thanks.:cool:
     
  15. ZeroVulnLabs

    ZeroVulnLabs Developer (aka "pbust")

    Joined:
    Mar 5, 2012
    Posts:
    1,189
    Location:
    USA
  16. The Red Moon

    The Red Moon Registered Member

    Joined:
    May 17, 2012
    Posts:
    4,051
    i assume this will not work in a standard user account.o_O
     
  17. ZeroVulnLabs

    ZeroVulnLabs Developer (aka "pbust")

    Joined:
    Mar 5, 2012
    Posts:
    1,189
    Location:
    USA
  18. ELWIS1

    ELWIS1 Registered Member

    Joined:
    Sep 29, 2010
    Posts:
    60
    @ZeroVulnLabs

    Hi

    Is a conflict SpyShelter Premium 6.5 with Exploit Shield beta of 0.7. When the programs together, ,,cooperate'' I can not run a web browser. The function, AntiNetworkSpy'' in SpyShelter block hooks in browser. After turning off ExploitShield operating normally.
     
  19. Melf

    Melf Registered Member

    Joined:
    Sep 7, 2010
    Posts:
    105
    So, this thing looks pretty nice. I will definitely be keeping a watch on development here.

    Question re: the Chrome exploits listed on your site as having been stopped by ES. Are these exploits actually considered to have "Pwned" Chrome's sandbox, i.e. written to disk or been able to access more than their intended low privilege aka "toothless" form? The reason I ask is, while the protection of other applications (eg media player, doc readers) offered by ES sounds really useful to me, I was not under the impression that Chrome suffered from nearly this number of exploits. I was under the impression that the number could perhaps be counted on one hand (before this year, there were NO exploits AFAIK, and the bundled Flash was finally Pwned this year).

    (NB: ignore Chrome Java exploits, which are not protected by the Chrome sandbox, and I wouldn't touch Java with a 10 ft pole anyway :D).
     
  20. xorrior

    xorrior Registered Member

    Joined:
    Mar 22, 2010
    Posts:
    66
    Doesn't block execution through tcpip.sys overflow and flash and java ROP..

    Another security product by security professionals..
     
  21. ZeroVulnLabs

    ZeroVulnLabs Developer (aka "pbust")

    Joined:
    Mar 5, 2012
    Posts:
    1,189
    Location:
    USA
    Obviously a false positive by SpyShelter. They should allow ExploitShield to inject.


    For those vulns to which we don't have access to it's hard to tell anything from the Google Chrome vulnerability descriptions. Unlike the rest of companies Google is very shady in their vuln descriptions.

    It's not supposed to block execution through tcpip.sys. As it name implies ExploitShield Browser Edition blocks execution through browser and browser components. Regarding the flash and java ROP can you post some example(s)?
     
  22. kdcdq

    kdcdq Registered Member

    Joined:
    Apr 19, 2002
    Posts:
    815
    Location:
    A Non-Sh*thole State
    For those of you on the fence about ExploitShield, I am running it on my five Win7 x64 systems and it has not caused any problems with the functioning of these systems. I will probably be purchasing a copy of this software once it is released.
     
  23. Melf

    Melf Registered Member

    Joined:
    Sep 7, 2010
    Posts:
    105
    So will there be a lifetime license for home users for the corporate version? (I imagine the corporate version will be subscription based for enterprise use).
     
  24. harshisthere

    harshisthere Registered Member

    Joined:
    Aug 8, 2011
    Posts:
    84
    I am not sure if it is required or not but ES is not using ASLR in Windows 8 RTM Enterprise 64 bit.

    Image from Process Explorer
    http://i.imgur.com/c9pWW.jpg
     
  25. ZeroVulnLabs

    ZeroVulnLabs Developer (aka "pbust")

    Joined:
    Mar 5, 2012
    Posts:
    1,189
    Location:
    USA
    Try running Process Explorer with elevated admin priviledge to see if you get the same thing.
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.