Jump to content

pbust

Staff
  • Content Count

    3,372
  • Joined

  • Last visited

Posts posted by pbust


  1. This is by design as some exploits use WebDAV and UNC paths to deliver their payload. So our MBAE Layer3 Application Behavior protection blocks this generically. Since exploits ITW haven't used this technique for many many years, you can safely disable this under Advanced settings -> Application Behavior and disable the UNC protection for browsers. MBAE still has dozens of other layers that will protect against similar exploits, so you are not really reducing your effective protection.

     

     


  2. VB Scripting has been decomissioned by Microsoft some time ago due to the insecurities it introduces.

    In fact during all of 2016 Exploit Kits were heavily abusing outdated computers with VBScript in order to exploit machines and execute code remotely on them. It is advisable that you do not use any products or applications that rely on VBScript.

    Alternatively you can disable the VBScript enforcement technique in MB3 -> Settings -> Protection -> Advanced Settings -> Application Hardening, but it is probably safer to find an alternative to IDM that doesn't leave you more exposed to exploits.

     

     


  3. I think you got it the other way around. Now people that have not paid for MBAE can enjoy MBAE Premium features for free in the MBAE standalone beta. The "beta" concept is basically to denote that MBAE standalone will always be a step ahead of MB3, but not by much.

    As a previous MBAE Premium paying customer, your MBAE license key now works with MB3.

     


  4. Hello and welcome to the forum.

    MBAE does not discern whether the payload by an exploit or social engineering attack is good or bad.

    In this case the application is attempting to execute by having Chrome execute wscript.exe to run a script. This type of application behavior opens up a huge can of worms and security hole. I am amazed that HP is creating such insecure applications.

    You should be able to open MBAE, go to the Log tab, select the block and then click "Exclude".

×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.