pablozi

Level 23
Verified
Trusted
HitmanPro.Alert 3.6.7 build 601 BETA

Changelog (compared to 593)
  • Added a Asynchronous Procedure Call (APC) mitigation which protects against the DoublePulsar code injection.
    This mitigation is part of Risk Reductions > Process Protection.
  • Added our thumbprint technology to the Load Library mitigation (reflective DLL injection protection).
  • Improved CryptoGuard
  • Improved compatibility with Steam
  • Improved DLL injection to respect trustlets
  • Fixed compatibility when installing inside QEMU/KVM hypervisor
Changelog (compared to 600)
  • Fixed keystroke encryption
  • Fixed BadUSB mitigation
  • Fixed installer failing to upgrade driver
  • Improved compatibility with Steam
  • Improved DLL injection to respect trustlets
  • Fixed compatibility when installing inside QEMU/KVM hypervisor
Notes
  • This version is co-signed by Microsoft.
  • After a clean installation you need to reboot the machine to fully protect the system against DoublePulsar attacks.
Demonstration
Here's a quick demonstration video showing the new APC mitigation in action against a remote WannaCry ransomware attack that abuses the EternalBlue + DoublePulsar NSA exploits leaked by Shadow Brokers:
Users running HitmanPro.Alert version 2.6.5 (or newer) from April 2014 were already protected against the WannaCry ransomware as it was stopped by CryptoGuard. The attack is now ALSO stopped at the exploitation level. Note: The video actually shows our upcoming CTP2 but we back-ported the technology to this build.

Download
http://test.hitmanpro.com/hmpalert3b601.exe