Advice Request Malwarebytes anti-exploit -- effectiveness?

[shmu26]

how effective is it? I mean, how do we know it is actually offering added protection? Are there any tests?
I have it installed on Windows 10 pro x64, along with Windows Defender and Spyshelter free.

 

[frogboy]

Yes it works and you can test it here.
Link. How to verify that MBAE is working correctly - Anti-Exploit Product Support - Malwarebytes Forum

 

[shmu26]

Yes it works and you can test it here.
Link. How to verify that MBAE is working correctly - Anti-Exploit Product Support - Malwarebytes Forum

thanks. I meant, are there any tests that can evaluate its effectiveness against real-world exploits?

 

[Rishi]

Yes it works and you can test it here.
Link. How to verify that MBAE is working correctly - Anti-Exploit Product Support - Malwarebytes Forum

Thank goodness for this link, testing anti-exploits is hard, the thought of Angler Exploit kit using flash gives me shivers.

 

[jamescv7]

@shmu26: Well here are in-related search inquiry videos that you may interested even though some are not on MBAE but sure enough to provide your own conclusion.

Link

 

[generalwu]

To me it's more like "Better be safe than sorry", as long as there's many people endorsing the software, it should be effective to a certain extend. To what extend is another question though.

 

[Atlas147]

I think I have only run into an exploit page once my entire life and safe to say that MBAE caught it. Although I thought that it was generally safe because it was a known gaming forum site but it might have been compromised by malware. In any case I agree with @generalwu it's better to be safe than sorry!

 

[Deleted member 178]

Stop asking for tests, they means nothing, you can do all tests you want , they are just "tests"; real life scenario are different. Not saying it is difficult to test anti-exploits software since "legit" exploits are needed.

what matters then? just check the product forum and see if people get compromised while using the product.

 

[shmu26]

Stop asking for tests, they means nothing, you can do all tests you want , they are just "tests"; real life scenario are different. Not saying it is difficult to test anti-exploits software since "legit" exploits are needed.

what matters then? just check the product forum and see if people get compromised while using the product.

interesting approach!
I glanced through the titles of the first three pages on their forum. Doesn't look to me like anyone actually got infected. One person thought he was being attacked by an exploit, but the moderator explained that the media file he was trying to open had a protection that conflicted with MBAE.

 

[_CyberGhosT_]

I have used MBAE since its inception and can tell you (from my experience) its a solid tool just like MBAM. PeAcE

 

[LabZero]

Well, we consider that a small bug or 0day vulnerability in a web-application can open the door to a deeper system impairment. The pirate, once he has access to a system, can attack a network from within, find and exploit relationships of trust and penetrate connected systems otherwise unattainable. For this reason the sql injection, for example, and other bugs in web-applications should never be underestimated!

A sql injection attack is to exploit a lack of validation of user-supplied input to the web-application. Taking advantage of this gap the pirate has the right to insert sql code and subvert the default logic, forcing the system. SQL is the language used to interrogate databases. By manipulating the logic of these scripts, he can also find passwords (encrypted) stored in the database itself. This is one of the most common hacking techniques of recent times.

As I always say, a security system is as strong as the weakest link. Find a weakness and exploit it properly can lead to the total defeat of the security system itself and ... all this because of a clumsy handling user input and no anti-exploit app can 100% protect you!

 

[shmu26]

Well, we consider that a small bug or 0day vulnerability in a web-application can open the door to a deeper system impairment. The pirate, once he has access to a system, can attack a network from within, find and exploit relationships of trust and penetrate connected systems otherwise unattainable. For this reason the sql injection, for example, and other bugs in web-applications should never be underestimated!

A sql injection attack is to exploit a lack of validation of user-supplied input to the web-application. Taking advantage of this gap the pirate has the right to insert sql code and subvert the default logic, forcing the system. SQL is the language used to interrogate databases. By manipulating the logic of these scripts, he can also find passwords (encrypted) stored in the database itself. This is one of the most common hacking techniques of recent times.

As I always say, a security system is as strong as the weakest link. Find a weakness and exploit it properly can lead to the total defeat of the security system itself and ... all this because of a clumsy handling user input and no anti-exploit app can 100% protect you!

MBAE doesn't protect against that. Quoting their FAQ:

MBAE will not protect against exploits which take advantage of insufficient or incorrect configuration or information disclosures, XSS, SQL injection, etc.

What does protect against it?

 

[LabZero]

MBAE doesn't protect against that. Quoting their FAQ:

MBAE will not protect against exploits which take advantage of insufficient or incorrect configuration or information disclosures, XSS, SQL injection, etc.

What does protect against it?

Yes, what does protect against it?
Edit: rhetoric question...

 

[shmu26]

Yes, what does protect against it?
Edit: rhetoric question...

I understood you (it was typical Jewish humor, don't know if you are or aren't...)
but more to the point, it sounds to me like it depends on the dev to write safe code. So if you are using chrome or firefox, you should be pretty safe, no?

 

[_CyberGhosT_]

Well, we consider that a small bug or 0day vulnerability in a web-application can open the door to a deeper system impairment. The pirate, once he has access to a system, can attack a network from within, find and exploit relationships of trust and penetrate connected systems otherwise unattainable. For this reason the sql injection, for example, and other bugs in web-applications should never be underestimated!

A sql injection attack is to exploit a lack of validation of user-supplied input to the web-application. Taking advantage of this gap the pirate has the right to insert sql code and subvert the default logic, forcing the system. SQL is the language used to interrogate databases. By manipulating the logic of these scripts, he can also find passwords (encrypted) stored in the database itself. This is one of the most common hacking techniques of recent times.

As I always say, a security system is as strong as the weakest link. Find a weakness and exploit it properly can lead to the total defeat of the security system itself and ... all this because of a clumsy handling user input and no anti-exploit app can 100% protect you!

Well spoken, and knowing this you also know that herein lies the chess match between hacker and prevention. PeAcE

 

[LabZero]

I understood you (it was typical Jewish humor, don't know if you are or aren't...)
but more to the point, it sounds to me like it depends on the dev to write safe code. So if you are using chrome or firefox, you should be pretty safe, no?

MBAE can block zero-day exploits developed to hit browsers and vulnerable applications with the restrictions that you said above.

In a real scenario it's difficult anyway to test the real reliability because you need to test it with "live" zero day.

If you are interested take a look here:

Written Review - MalwareBytes Anti-Exploit 1.07.1.1015 free version.