Battle Which Anti-Exploit software should I use?

RXZ6Q

Level 4
Thread author
Verified
Mar 30, 2016
169
I just reinstalled my computer and found out that Malwarebytes Anti-Exploit has been discontinued (probably?) and is only available now as a beta. I am looking for product that could replace this software. I am mainly looking for low resources usage! Malwarebytes Anti-Exploit only used a few megabytes of RAM. I use Avira Antivirus Free and Comodo Firewall Free.
 

giants8058

Level 4
Verified
Jan 26, 2016
150
If those browser intrusion alerts are legitimate, then that means that there is an active infection already on your system... ;)

Banking trojans and other financial malware just don't run from a webpage inside your browser without touching your system - they're actually installed onto your system.

You better get someone to either check out those HMP.A alerts or take a look at your system.
Yeah I did. Sent Surfright the logs and they said all was good. I was skeptical at first, but they assured me it was OK. The browser border went back to green after close/re-open. There were a couple of times where I was literally doing nothing but had the browser window open, and I got the alert. I was thinking it was FP, but I couldn't tell for sure. I recently did a full wipe and reinstall and after that I received one alert. I know for sure my system was clean at the time. Is it possible that a MITM attack of an active session inject code that could affect the browser itself or would only the data streams be compromised?
 
Last edited:

Handsome Recluse

Level 23
Verified
Top Poster
Well-known
Nov 17, 2016
1,242
@Arequire Maybe they're trying to force good habits on businesses like they did with UAC and developers. App and OS updates are in the top 4 mitigation strategies in asd.gov.au after all
 
5

509322

only the data streams

For MitM the chumps want to intercept your packets and have a "look-see"... use a VPN as a counter-measure if that worries you. If you don't do heavy online financial activities, then don't worry about it.

As for the other stuff it would be, for example, if they get you to a webpage and tamper with the browser or one of its processes to exploit a vulnerability and obtain escalation of privilege. That's why your using HMP.A - to prevent this sort of thing from happening.
 
Last edited by a moderator:
  • Like
Reactions: giants8058

Arequire

Level 29
Verified
Top Poster
Content Creator
Feb 10, 2017
1,814
@Arequire Maybe they're trying to force good habits on businesses like they did with UAC and developers. App and OS updates are in the top 4 mitigation strategies in asd.gov.au after all
Maybe. Either way I guess businesses will have to adapt to the change. Maybe sysadmins can look at it like one less thing to manage. :p
 
  • Like
Reactions: RXZ6Q

orthonovum

Level 3
Verified
Jun 17, 2017
106
I don't think there are any good free anti-exploits

if you are on windows 8 or 10, enable the appcontainer flag in chrome. That is anti-exploit protection.
And use a safe PDF reader as default, such as Sumatra.
In other words, you will need to do piece-meal exploit protection, or buy HitmanPro.Alert.

BTW... I would not call Sumatra a "safe" PDF reader. In fact I like to use it for priv esc demonstrations ;)
 
5

509322

BTW... I would not call Sumatra a "safe" PDF reader. In fact I like to use it for priv esc demonstrations ;)

Sumatra is a safe PDF reader in that most of the functionality is ripped out of it to thwart malicious\weaponized PDFs.

You can use just about any process to elevate privileges so it is not something inherently wrong or different with Sumatra.
 

orthonovum

Level 3
Verified
Jun 17, 2017
106
Sumatra is a safe PDF reader in that most of the functionality is ripped out of it to thwart malicious\weaponized PDFs.

You can use just about any process to elevate privileges so it is not something inherently wrong or different with Sumatra.

I'm not sure that is a 100% true statement ;) but ok
 
5

509322

I'm not sure that is a 100% true statement ;) but ok

If you have a Sumatra PDF exploit, then please demonstrate it to the community. There have been exploits of Sumatra PDF reported in the past, but only a very few compared to popular PDF readers such as Adobe. Sumatra PDF is a safer bet compared to the much more targeted other PDF readers.

And yes, if you look hard and long enough, you will eventually find vulnerabilities of one sort or another in just about any soft. It is just a matter of time.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top