Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Good free anti exploit software


  • Please log in to reply
7 replies to this topic

#1 BetaX

BetaX

  • Members
  • 48 posts
  • OFFLINE
  •  
  • Local time:03:18 AM

Posted 13 February 2017 - 02:07 PM

Hi all. I need your precious advices on security: i'm preparing a WIN 10 notebook for a non skilled user and i'm focusing on security. Usually i create 2 account (standard for daily use), i enable smartscreen and set UAC at max, and according to your suggestions i use WIN 10 integrated AV, assisted with some antimalware software: Cryptoprevent and an antiexploit. My favourite were HitmanPro Alert and Antimalwarebyte antiexploit. But since these 2 are not (or no more) available in free edition with their antiexploit modules active, now i need a simple and free antiexploit software to install.

 

Any suggestion for a good and light free antiexploit?

 

Do you think my overall security approach is too weak for a non expert user? Should i integrate it with something else?

 

I still have an old MBAE free edition install file (ver 2.2.0 of Jan 2016), but is it safe to install and use an outdated security software also if only as an anti exploit?



BC AdBot (Login to Remove)

 


#2 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,751 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:09:18 PM

Posted 13 February 2017 - 03:02 PM

Post #2 in this topicincludes a list of tools.

Although Malwarebytes Anti-Exploit & Anti-Ransomware both have been incorporated into Malwarebytes 3.0, current standalone beta versions of Malwarebytes Anti-Exploit will continue in perpetual beta form.

We will continue offering Anti-Exploit as a stand-alone perpetual Beta. This Beta of Anti-Exploit will include all Premium features of Anti-Exploit. New techniques will be added first to the Anti-Exploit Beta before for testing before they are integrated into Malwarebytes 3.0 Premium. Users who wish to continue using Malwarebytes Anti-Exploit only instead of Malwarebytes 3.0 will be able to do so through the use of this perpetual Beta.

Malwarebytes 3.0 FAQS Existing Subscriptions: What will happen to Malwarebytes Anti-Exploit Free?

 

Malwarebytes Anti-Exploit standalone (MBAE) will from now on be offered as a perpetual beta product. The standalone MBAE will incorporate new protection techniques for fine-tuning purposes before they are integrated into the Malwarebytes 3.x product. Users who wish to continue using Malwarebytes Anti-Exploit only instead of Malwarebytes 3.0 will be able to do so through the use of this perpetual Beta.

MBAE Standalone & Malwarebytes 3.0 Release

 

On 1/3/2017 at 10:34 AM, pbust said:
I think you got it the other way around. Now people that have not paid for MBAE can enjoy MBAE Premium features for free in the MBAE standalone beta. The "beta" concept is basically to denote that MBAE standalone will always be a step ahead of MB3, but not by much.
As a previous MBAE Premium paying customer, your MBAE license key now works with MB3.

MBAE perpertual beta


.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#3 BetaX

BetaX
  • Topic Starter

  • Members
  • 48 posts
  • OFFLINE
  •  
  • Local time:03:18 AM

Posted 13 February 2017 - 04:56 PM

Thanks for the as always detailed infos quietman7!

 

Now i will read all your links. But would you suggest to use to install the beta version on a non skilled user notebook? Something read in your quoted text suggest me that it will not be an "extreme" beta program, and that is anyway intended for daily use. That is using MBAE shouldn't be more dangerous than using a normal software that is often devolped and updated (like windows update: sometime causes problems, sometime the will solve problems). There are feedback that confirm my interpretation?

 

Anyway i think i should at least uninnstall old MBAE stan alone free on other pc were i used it to install the new perpetual beta. Better the new beta than the old MBAE stable but no more developed?

 

Anyway i will read the 2nd post on the topic you linked to see which other free anti exploit software are available.

Thanks again.



#4 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,751 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:09:18 PM

Posted 13 February 2017 - 05:17 PM

MBAE does it's job (blocks a vulnerability exploit attack) without user interaction so I see no reason why it cannot be used on a non skilled user notebook for daily use.

...it does not require users to configure any settings, train applications on normal usage, or determine sandbox directories or file recovery options. It is truly a completely transparent install-and-forget anti-exploit solution.

Malwarebytes Anti-Exploit Forum FAQs
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#5 BetaX

BetaX
  • Topic Starter

  • Members
  • 48 posts
  • OFFLINE
  •  
  • Local time:03:18 AM

Posted 14 February 2017 - 04:43 AM

MBAE does it's job (blocks a vulnerability exploit attack) without user interaction so I see no reason why it cannot be used on a non skilled user notebook for daily use.

...it does not require users to configure any settings, train applications on normal usage, or determine sandbox directories or file recovery options. It is truly a completely transparent install-and-forget anti-exploit solution.

Malwarebytes Anti-Exploit Forum FAQs

 

Yes, i totally agree with you. MBAE is a really easy software to use (you install it and you don't see nor hear). But i was referring to the suitability of installing a Beta version of MBAE on a non skilled user pc. This was my doubt.



#6 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,751 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:09:18 PM

Posted 14 February 2017 - 06:57 AM

I generally do not recommend beta versions of programs but being that MBAE is a perpetual beta, there really isn't a choice at this point unless another security vendor releases a similar tool.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#7 BetaX

BetaX
  • Topic Starter

  • Members
  • 48 posts
  • OFFLINE
  •  
  • Local time:03:18 AM

Posted 15 February 2017 - 04:41 PM

I installed the beta version. The only doubt is: picking the installerfrom a topic on the forum of MB, i had the idea that new version should be updated downloading the new version on the forum. Anyway on MBAE there is a setting for auto update. That should answer to my concern.

I have to check on another pc if the old free MBAE has automatically updated to Beta or if i have to do it manually.

 

 

Another question: i read conflicting infos about compatibility between MBAE and HitmanPro Alert: in general i read that using more anti exploit software on a single pc may drive to conflicts, instability, crashes. But specifically i also read in some topic here that many conflicts between MBAE and HitmanPro Alert were fixed.  Anyway my question is even more specific: i have a pc with HitmaPro Alert in free version, thus without Anti exploit module enabled. In such situation can i install with confidence also MBAE (without uninstalling HitmanPro Alert of course) in order to take the advantages of HPA free version features, plus the anti exploit capabilities of MBAE, without conflicts or other instability issues? Or i will anyway subjected to limits of installing 2 anti exlpoit software? I ask because right now the feature i'm interested more is the anti exploit, and with HPA free is not available. So i'm planning to uninstall HPA free and replace it with MBAE Beta, if both these software can't cohabit togheter.



#8 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,751 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:09:18 PM

Posted 15 February 2017 - 05:45 PM

Yes, some security researchers have advised not to to use multiple anti-exploit applications because using more than one of them at the same time can hamper the effectiveness of Return-oriented programming (ROP) and other exploit checks. This in turn can result in the system becoming even more vulnerable than if only one anti-exploit application is running. In some cases multiple tools can cause interference with each other and program crashes;

ROP is a computer security exploit technique that allows an attacker to execute code in the presence of security defenses such as non-executable memory and code signing. Address Space Layout Randomization (ASLR) is a computer security technique involved in protection from buffer overflow attacks. These security technologies are intended to mitigate (reduce) the effectiveness of exploit attempts. Many advanced exploits relay on ROP and ASLR as attack vectors used to defeat security defenses and execute malicious code on the system. For example, they can be used to bypass DEP (data execution prevention) which is used to stop buffer overflows and memory corruption exploits. Tools with ROP and ASLR protection such as Microsoft’s Enhanced Mitigation Experience Toolkit (EMET) use technology that checks each critical function call to determine if it's legitimate (if those features are enabled).

So it depends on what anti-exploit programs you are using and what features they provide.

This is a quote from Fabian Wosar, a Security Colleague and developer who works for Emsisoft from HMP.Alert & MBAE, Post #7

EMET, HMP.Alert and MBAE can all be useful under certain circumstances. The most effective step to fending of exploits is to reduce your attack surface. Keep the software you use up-to-date and try to get rid of Java and Adobe plugins. If you can't get rid of them completely, at least turn them on only for the sites that you know won't work without them. All browsers that I have used in the past year have features which makes it very easy to limit plugins to just a few sites. If for some reason you can't do either of that, then adding exploit protection can be somewhat useful.

 

I have been using both the free versions of MBAE and HitmanPro Alert since they were released and never experienced any problems.
 


.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users