pbust

Staff
  • Content count

    3,288
  • Joined

  • Last visited

5 Followers

About pbust

  • Rank
    Staff
  • Birthday

Profile Information

  • Location
    Earth

Recent Profile Visitors

107,448 profile views
  1. My pleasure as always Wilpower! We've been working on some new projects which hopefully will see the light of day soon and which I'm hoping you all will like as much as MBAE.
  2. Try rebooting. Maybe it is in the middle of an auto-upgrade. If that doesn't work, re-install.
  3. MBAE standalone will continue to be pushed automatically through auto-upgrades. Once we have a new 1.09 stable build (we've been posting intermediate builds with small improvements in each) we'll push it out through auto-upgrade. Afterwards we'll also push out 1.10, 1.11, etc. through auto-upgrades.
  4. Replicate the problem again, and then send me the file mbae-default.log.
  5. Go to Settings > Protection > Advanced Settings > Java Protection > Disable the Java Inbound Shell Connection Protection.
  6. If you remove the exclusion and reboot, does it still get blocked? (don't worry, you can add it again later).
  7. It could be that Grammarly pushed out a new version and it is being blocked again. Can you post the latest entry from your mbae-alert.log?
  8. Global exclusion added. Reboot and try again. For future reference you can also add your own local exclusions from your MBAE UI. Simply click on the LOGS tab. Then find the block event, click it once, and then click the Exclude button.
  9. Hi Harry, you can use Private Message to send me the logs.
  10. The log has been cycled and doesn't show the block information any more. Can you please try to repro again and post a fresh mbae-default.log? Also, I added this to the global exclusion, so you might not be able to repro it again.
  11. This is by design as some exploits use WebDAV and UNC paths to deliver their payload. So our MBAE Layer3 Application Behavior protection blocks this generically. Since exploits ITW haven't used this technique for many many years, you can safely disable this under Advanced settings -> Application Behavior and disable the UNC protection for browsers. MBAE still has dozens of other layers that will protect against similar exploits, so you are not really reducing your effective protection.
  12. The mbae-default.log has cycled and doesn't include the alert information. Can you please reproduce the problem again and post a fresh new mbae-default.log?
  13. Added global exclusion for f5dc2ae9b6eff70c6d1a7377ed658049. Let me know if this is still triggering.
  14. VB Scripting has been decomissioned by Microsoft some time ago due to the insecurities it introduces. In fact during all of 2016 Exploit Kits were heavily abusing outdated computers with VBScript in order to exploit machines and execute code remotely on them. It is advisable that you do not use any products or applications that rely on VBScript. Alternatively you can disable the VBScript enforcement technique in MB3 -> Settings -> Protection -> Advanced Settings -> Application Hardening, but it is probably safer to find an alternative to IDM that doesn't leave you more exposed to exploits.
  15. Can you please attach here your mbae-default.log file? Thanks!