ZeroVulnerabilityLabs ExploitShield

Thanks for the reply, and I look forward to the new beta release as well as the final.

 

Sorry I missed this.

I stopped updating it as it was very labour intensive. But you can easily get regularly updated exploit URLs from different sources, such as:

http://www.malwaredomainlist.com/hostslist/mdl.xml
http://www.malwareblacklist.com/mbl.xml
http://malwaredb.malekal.com/export.php?type=url
http://urlquery.net/rss.php (high volume, search for entries with alerts)

 

We just released ExploitShield Browser Edition version 0.8
http://www.zerovulnerabilitylabs.com/home/exploitshield-browser-edition-0-8/

 

Thanks,

When I open the installer I get this error
http://www.faqforge.com/windows/fix...-missing-from-your-computer-error-on-windows/

I didn't get it with 0.7 beta

Anyway it can be installed, it's that a problem? Apparently the program has been installed and is working properly

 

Same here on W7 x64 Home Premium SP1

 

Hmmmm.... probably missing the Visual C++ 2010 Redistributable. Do you have it installed?

 

Negative, not installed.

 

That's probably the problem. But it should have given the same error when installing 0.7.

 

No, I never received the error in 0.7

 

I get the same error on a Win 8 Pro 64 bit machine but ES goes ahead and installs. I have the x86 version of C++ installed. I notice on Win * x64 that when you start IE10, the parent process is 64 bit and then all the child processes it launches are 32 bit. The ES dll injects itself into the 64 bit parent but none of the 32 bit IE10 child processes have the ES dll injected. Is the correct operation?

Also on the C++, I did not install the x86 version, it is just already on my machine also. Is there and should I also have a 64 bit version of C++ installed?

 

I also noticed that in order to get the ES dll injected into all IE10 instances, first I must have ES running, start IE10, and then go to the ES GUI and stop protection and then restart it again. This is the only way that I can have the ES dll injected into all IE10 instances.

 

False Positive;
When open pdf files on Firefox with Sumatra PDF integrated

 

No internet connection when installed.
Windows 7, 32 bit
IE 9

 

.8 installed cleanly over the top of .7 (Win7x64) - color me lucky I often had the disappearing icon issue with .7 so I'll be watching for that over the next few reboots and Hibernation cycles. .8 looks pretty much the same as .7, so I guess all the good stuff happened under the hood. Will there be skin support? (just kidding!)

 

the same for me

i can not confirm this behaviour,

 

We'll have to take a closer look at the installation dependencies. Thanks for reporting.

@guest, in regards to Sumatra PDF we'll try to replicate it here. Thanks.

@Thankful, what do you mean with "No Internet connection when installed"? Do you mean it breaks your connection??

@puff-m-d the injection should happen automatically to all IE child processes as @test shows. We will try it out here in some machines to see if we can replicate.

 

@ ZeroVulnLabs
Yes. It breaks my internet connection.

 

Can you provide more information? What do you mean, your browser cannot connect to websites, your cable/wifi connection is completely down, your network adapter dissapears, ....?

 

My browser cannot connect to websites. Same thing happened with previous version.

 

Do you have some other HIPS installed like Comodo or something like similar that might be blocking the injection into the browser? If so check your other security products to make sure they are not interfering with ExploitShield.

 

Ok, I understand. Thanks for the links.

 

Right, but it doesn't really protect the browser. It protects against drive-by exploits. There's no protection against cross site scripting, redirects, malware installed via downloading files from the browser, etc. etc.

That's why I say it's a bit misleading. It doesn't protect the browser, not by a long shot. It protects against drive-bys. If it were my product I would call the free version "ExploitShield Drive-By Version."

 

We detected a small bug and have uploaded version 0.8.1.

If you have 0.8 installed please download and install the new 0.8.1.

 

I've downloaded the latest beta (0.8.1) and installed over the previous one. I've started both IE8 and Firefox. Exploitshield shows that both browsers are protected. If I close both browsers, the shielded applications shows -2. When I reopen both browsers, the shielded applications number shows zero.
Foxit, Microsoft Word, and Excel don't appear to be protected when they are opened.
Allen

 

If desired, how do you uninstall ExploitShield?