Author Topic: Anybody using Malwarebytes anti-exploit?  (Read 16175 times)

0 Members and 1 Guest are viewing this topic.

Offline ky331

  • LzD Friends
  • Hero Member
  • *****
  • Posts: 614
    • View Profile
Re: Anybody using Malwarebytes anti-exploit?
« Reply #30 on: July 10, 2015, 09:22:35 AM »
You're saying that MBAE "messed up" LastPass (and/or Security Essentials Beta)?   I'm not using either, so I can't comment.   But yes, definitely inquire at the MBAE forum... Pedro is very cooperative.

https://forums.malwarebytes.org/index.php?/forum/125-malwarebytes-anti-exploit-support/

Offline Digerati

  • LzD Friends
  • Hero Member
  • *****
  • Posts: 1037
    • View Profile
Re: Anybody using Malwarebytes anti-exploit?
« Reply #31 on: July 10, 2015, 11:32:30 AM »
MSE Beta? Personally, I would not run a beta version of my primary security program on my main system. Nor would I assume MBAE was necessarily at fault with LastPass either. I recommend you go back to the regular release version of MSE.

I am assuming you have LastPass integrated with your browsers - that may be the issue. I would try it again, only this time, make sure your browsers are not running when you install MBAE.
Bill (AFE7Ret)
Freedom is NOT Free!
2007 - 2018

Offline Pierre75

  • Sr. Member
  • ****
  • Posts: 410
    • View Profile
Re: Anybody using Malwarebytes anti-exploit?
« Reply #32 on: July 10, 2015, 10:27:19 PM »
I appreciate the replies I have received but a big stick has been stuck in the wheels. Every household in our district has received a letter from the NBN company. It states they cannot guarantee drop outs of the internet till such time their work is complete. They are installing fibre optic cables to speed up the net. However we will get Fibre to the Node (FTTN) which means from the node the old copper wire to all homes will still be used. Their estimate of conclusion is 6 months so till then I am not going to perform any major upgrades to my PCs including Windows 10. I suspect that is what happened last night as I was unable to contact my own ISP to check my usage and MailWasher would not receive any messages for a couple of hours. Sorry, I guess that is progress.  :thud:
IF IT AIN'T BROKE -  DON'T FIX IT

Offline Corrine

  • The Mystical Rose
  • Administrator
  • Hero Member
  • *****
  • Posts: 19421
  • "Stronger than the past, united in our goal."
    • View Profile
    • Security Garden
Re: Anybody using Malwarebytes anti-exploit?
« Reply #33 on: July 11, 2015, 01:24:22 PM »
With yet another Adobe Security Bulletin for Flash Player, it is strongly recommended that everyone use either Malwarebytes Anti-Exploit or Microsoft EMET.

MBAE:  Malwarebytes | Malwarebytes Anti-Exploit - Free Zero-Day Exploit Protection (Note:  Uncheck the free trial for the pro version when installing)

EMET:  The Enhanced Mitigation Experience Toolkit


Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

Remember - A day without laughter is a day wasted.
May the wind sing to you and the sun rise in your heart.

Offline DR M

  • LzD Friends
  • Hero Member
  • *****
  • Posts: 1606
  • Keep on keeping on.
    • View Profile
    • Grecian Geek Genius
Re: Anybody using Malwarebytes anti-exploit?
« Reply #34 on: July 11, 2015, 01:40:30 PM »
I just downloaded MBAE!

Yesterday there was a crash of Flash Player, while I was watching an embedded in a web site youtube video, although I had already updated it.

(These days, there are two options for my computer: be nice and good, safe and strong against malware, or simply a silly box! You see, a lot of free time!!! )
"In one of the stars I shall be living. In one of them I shall be laughing. And so it will be as if all the stars will be laughing when you look at the sky at night.. You, only you, will have stars that can laugh..."

Offline Digerati

  • LzD Friends
  • Hero Member
  • *****
  • Posts: 1037
    • View Profile
Re: Anybody using Malwarebytes anti-exploit?
« Reply #35 on: July 11, 2015, 02:30:42 PM »
I cannot justify spending $25/year on the pro version of MBAE. Yes, being able to install it on 3 computers is nice but W7/8/10 are not XP. We just don't need layer after layer after layer of security on these modern operating systems. I can see MBAM Premium along with MSE/WD (or your preferred alternative) but 3 deadbolts on the door is not going to keep you safer than two.
Bill (AFE7Ret)
Freedom is NOT Free!
2007 - 2018

Offline ky331

  • LzD Friends
  • Hero Member
  • *****
  • Posts: 614
    • View Profile
Re: Anybody using Malwarebytes anti-exploit?
« Reply #36 on: July 11, 2015, 03:40:37 PM »
Concerning protecting Flash with EMET... it's unclear to me if (or how) this can be done.   For the IE/ActiveX version, Flash is an .ocx file, and (unless newer versions of EMET have included this), it doesn't fall within EMET's realm of protection (which is just .exe files).

Emphasize that FlashUtil(version)ActiveX.exe is the ActiveX UNinstaller, not Flash itself.   So no Flash protection is gained by having EMET monitor this uninstaller file.

Likewise, for the Plugin version, Flash is a .dll file (NPSWFversion.dll) which EMET doesn't [or at least, didn't] cover.   Similarly, FlashUtil(version)Plugin.exe is the Plugin's UNinstaller.   
Note:  In the plugin case, there IS an extra file, FlashPlayerPlugin(version).exe, but I'm not sure whether or not protecting this with EMET is the right way to go.   Maybe so... maybe not.

In contrast, MBAE *does* protect Flash inside any browser it's monitoring.   And yes, browser (including Flash) protection is available in the FREE version of MBAE.

------------------------------------

Dr. M:   The question now is whether MBAE caused the crash in Flash because of an incompatibility between the two programs... or whether MBAE was actually intercepting an exploit, and "intentionally" caused Flash to crash, so as to protect you from the exploit getting to execute.   [Or did the Flash crash happen yesterday, before you installed MBAE (today?)?]


Offline DR M

  • LzD Friends
  • Hero Member
  • *****
  • Posts: 1606
  • Keep on keeping on.
    • View Profile
    • Grecian Geek Genius
Re: Anybody using Malwarebytes anti-exploit?
« Reply #37 on: July 11, 2015, 03:53:50 PM »
Dr. M:   The question now is whether MBAE caused the crash in Flash because of an incompatibility between the two programs... or whether MBAE was actually intercepting an exploit, and "intentionally" caused Flash to crash, so as to protect you from the exploit getting to execute.   [Or did the Flash crash happen yesterday, before you installed MBAE (today?)?]

The crash happened yesterday, before I installed MBAE, and after I updated Flash to the latest version, from Corrine's links. I installed MBAE today, after I read the recent posts of this topic.
"In one of the stars I shall be living. In one of them I shall be laughing. And so it will be as if all the stars will be laughing when you look at the sky at night.. You, only you, will have stars that can laugh..."

Offline ky331

  • LzD Friends
  • Hero Member
  • *****
  • Posts: 614
    • View Profile
Re: Anybody using Malwarebytes anti-exploit?
« Reply #38 on: July 11, 2015, 04:00:12 PM »
Confirmation from the MBAM team that MBAE *does* protect users from this latest Flash exploit:  https://blog.malwarebytes.org/exploits-2/2015/07/new-hacking-team-flash-player-0day-uncovered/

Offline ky331

  • LzD Friends
  • Hero Member
  • *****
  • Posts: 614
    • View Profile
Re: Anybody using Malwarebytes anti-exploit?
« Reply #39 on: July 11, 2015, 04:27:37 PM »
To the extent this helps, here's an article that mentions EMET 5 can block Flash files from executing within Office documents... but that's a far cry from stopping Flash exploits in browsers:

http://www.eweek.com/security/microsoft-takes-aim-at-java-security-with-emet-5.html

Offline Corrine

  • The Mystical Rose
  • Administrator
  • Hero Member
  • *****
  • Posts: 19421
  • "Stronger than the past, united in our goal."
    • View Profile
    • Security Garden
Re: Anybody using Malwarebytes anti-exploit?
« Reply #40 on: July 11, 2015, 04:47:10 PM »
I cannot justify spending $25/year on the pro version of MBAE. Yes, being able to install it on 3 computers is nice but W7/8/10 are not XP. We just don't need layer after layer after layer of security on these modern operating systems. I can see MBAM Premium along with MSE/WD (or your preferred alternative) but 3 deadbolts on the door is not going to keep you safer than two.

Not everyone has the premium version of MBAM so adding MBAE free is certainly not going to hurt, particularly considering that this is the third Flash Player zero-day in just over two weeks. 


Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

Remember - A day without laughter is a day wasted.
May the wind sing to you and the sun rise in your heart.

Offline Digerati

  • LzD Friends
  • Hero Member
  • *****
  • Posts: 1037
    • View Profile
Re: Anybody using Malwarebytes anti-exploit?
« Reply #41 on: July 11, 2015, 05:41:36 PM »
I cannot justify spending $25/year on the pro version of MBAE. Yes, being able to install it on 3 computers is nice but W7/8/10 are not XP. We just don't need layer after layer after layer of security on these modern operating systems. I can see MBAM Premium along with MSE/WD (or your preferred alternative) but 3 deadbolts on the door is not going to keep you safer than two.

Not everyone has the premium version of MBAM so adding MBAE free is certainly not going to hurt, particularly considering that this is the third Flash Player zero-day in just over two weeks. 
I agree. IMO, the free version of MBAE is worth adding, regardless if users are using MBAM Premium or the MBAM Free. I think all users should be using one or the other. I added MBAE right after Malwarebytes announced its release and except for a new icon in my system tray, I noticed nothing. That is, no performance hits or increased boot times, or annoying pop-ups.

I am just saying the difference between the free and pro versions of MBAE don't seem worth $25/year to me. I might consider a one-time fee of $25 to show my support, but not yet another recurring fee just to use my computer safely on the Internet.

It is not that $25 is beyond my budget. Nor is it that I am too frugal. In fact, I am pretty good at wasting money - if it is something I want or think I need. It is just that (1) I don't see the need for MBAE Pro and (2) I despise recurring fees. In fact, based on my experience with MSE and WD with MBAM Free, I am not sure I would be using MBAM Premium with its recurring fees if I wasn't already grandfathered in with MBAM Pro and its lifetime licenses. Same with WinPatrol Plus, BTW, now that it too has annual renewal fees. :(

Now that I am now officially retired (as far as the IRS and Social Security are concerned) most of my remaining long time clients are around my age or older and on fixed incomes. The majority of the rest of my clients live paycheck to paycheck. I just don't believe consumers should have to spend small fortunes just to use their computers safely. Not after already spending a bunch on the computer and their Internet access too. Many are just now getting over being upset that I forced them to retire their perfectly good XP systems and buy new systems that support a modern OS they had to learn, just so they could remain safe.

So having to spending more (and especially recurring fees) for another security program eats at my craw. This is especially true, IMO, when the anti-malware industry has absolutely no incentive whatsoever to rid the world of malware. Something they told Congress and the EU was their job way back when Microsoft was trying to put anti-virus code in XP. Without malware, Norton, McAfee and the others would go out of business.

Same with ISPs and the big telecommunications carriers, btw. They would much rather sell you more bandwidth than even attempt to block spam and malware at the source. Even when we know that spam makes up at least 50% of all message traffic (I've seen estimates of 80 - 90%!!!).

This is why I applaud, support, use and recommend Microsoft products by using **FREE** MSE on my W7 systems and WD on W8/10, ESET, Windows Firewall. Microsoft has a HUGE incentive for stopping malware: so they will stop getting blamed for actions of badguys and the incompetence of the anti-malware industry. FTR, I also fault our elected leaders for not funding or supporting anti-cybercrime like they should. And the UN for not enforcing compliance of existing anti-cyber and copyright infringement laws on its members.

[rant off]
Bill (AFE7Ret)
Freedom is NOT Free!
2007 - 2018

Offline Pierre75

  • Sr. Member
  • ****
  • Posts: 410
    • View Profile
Re: Anybody using Malwarebytes anti-exploit?
« Reply #42 on: July 11, 2015, 10:23:16 PM »
I appreciate the replies I have received but a big stick has been stuck in the wheels. Every household in our district has received a letter from the NBN company. It states they cannot guarantee drop outs of the internet till such time their work is complete. They are installing fibre optic cables to speed up the net. However we will get Fibre to the Node (FTTN) which means from the node the old copper wire to all homes will still be used. Their estimate of conclusion is 6 months so till then I am not going to perform any major upgrades to my PCs including Windows 10. I suspect that is what happened last night as I was unable to contact my own ISP to check my usage and MailWasher would not receive any messages for a couple of hours. Sorry, I guess that is progress.  :thud:

Just a short addition to my previous. After yesterday's debacle with my ISP (iiNet) I have come to a screaming stop. I suspect they had a DDOS attack and were down for 12 hours. That meant no emails or access to their website at all. I was still able to access other websites and FB posted a notification on the iiNet link that they had problems. So now have come to a stop. I don't like it but I have 25 years of genealogy work stored away and run constant backups of the files to an offsite drive. I have 7 family names going back to 1500s. QED   :2cents:
IF IT AIN'T BROKE -  DON'T FIX IT

Offline plodr

  • LzD Friends
  • Hero Member
  • *****
  • Posts: 1092
    • View Profile
Re: Anybody using Malwarebytes anti-exploit?
« Reply #43 on: July 11, 2015, 10:29:53 PM »
I'm not sure yet if I want to install MBAE. I changed a flash setting yesterday. I now have it set to ask to activate.

It takes an extra click when I want to watch something but it also gives me time to think how much I need to see things on sites. I hope this is a better protection.

Offline Corrine

  • The Mystical Rose
  • Administrator
  • Hero Member
  • *****
  • Posts: 19421
  • "Stronger than the past, united in our goal."
    • View Profile
    • Security Garden
Re: Anybody using Malwarebytes anti-exploit?
« Reply #44 on: July 11, 2015, 10:34:56 PM »
I suspect they had a DDOS attack and were down for 12 hours.
I checked out their page and how it first started out as
Quote
At present, this event is not believed to have any impact on service connections and we recommend conventional troubleshooting steps to diagnose and resolve any service issues.
and then progressed to
Quote
Engineers have attributed the cause of the described issue to be due to a large volume of external traffic directed towards Group services.
That's one way of describing a DDoS attack.  :lol:

I'm not sure yet if I want to install MBAE. I changed a flash setting yesterday. I now have it set to ask to activate.

It takes an extra click when I want to watch something but it also gives me time to think how much I need to see things on sites. I hope this is a better protection.
I guess it depends on how often you use Flash Player. 


Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

Remember - A day without laughter is a day wasted.
May the wind sing to you and the sun rise in your heart.