hake

I have found that what prompted me to post this was subsequently realised to be an installer failure with MBAE 1.09.1.1130 beta which resulted in the MBAE service not bein installed on one particular pre-SSE2 processor system. I still imagine that the issue I was concerned with might still be an issue in the future when Malwarebytes further develops MBAE but for the moment it seems to ba a non-issue.

I had preciously assumed that the failure of the new MBAE beta was due to the processor not being SSE2 capable. I now realise that this is probably not so. The installer reports that installation is complete and instructs me to restart the system. On restarting, MBAE.exe fails with a report of an illegal instruction which is why I initially jumped to the conclusion that the processor was the problem. Not so. On looking at the list of services, Malwarebytes Anti-Exploit Service is absent from the list. What information should I supply to help you to investigate this issue? MBAE 1.08.1.2563 installs and works well although I did notice that after reinstalling MBAE 1.08.1.2563 over MBAE 1.09.1.1130 beta that the version number shown in the MBAE GUI was still 1.09.1.1130. I am running my trusty ancient Windows XP Pro SP3 powered by an even more ancient Athlon XP 3000+. MBAE 1.09.1.1130 beta has however installed and works successfully on another Wndows XP SP3 system, this time running on an Acer 220 TravelMate laptop powered by an Intel Celeron 1.3Ghz processor which, I believe, also does not support SSE2 instructions.

I would be very glad if someone would state if pre-SSE2 processors are supported by MBAE 1.09.

I hope that future production releases of MBAE will automatically test for SSE2 (and later) compatibilty before attempting to automatically update. I expect that my Windows XP with AMD Athlon XP 3000+ (pre-SSE2) equipped system is one of only a modest few to be running MBAE but I do hope that the developers can incorporate this processor check into MBAE 1.09 and later versions. In trying the MBAE 1.09 beta, I found that no such processor check is yet in operation. This beta MBAE was successfully installed but could not execute. I realise that while the HOSTS file can be used to inhibit MBAE version updates, this is inconvenient if the HOSTS file is used as a means of blocking websites.

The beta installs but then halts after startup with an illegal instruction (MBAE.exe) on a Windows XP Professional SP3 which uses an Athlon XP 3000+ processor. This processor is known not to be able to execute SSE2 and later instructions. I guess that this system will therefore not be able to execute versions of MBAE after version 1.08. I mentioned the possibility of this issue a while ago. Will the installation executables for next and subsequent production releases of MBAE check for a pre-SSE2 processor and refuse to install if one is found? This goes for automatic installers also. MBAE 1.09.1.1130 Beta works fine on Windows 7 Ultimate SP1 64bit and Windows XP Professional SP3 (Celeron and Pentium 4 but not AMD Athlon XP 3000+).

Yup! It works. I have not experienced a single startup failure with MBAE on Windows XP or Windows 7 since I turned off protection events logging.

PDFium is apparently subject to attack by specially crafted PDF files. I assumed immunity when openng PDF files using Google Chrome's own PDF reader. Apparently not so. Read here http://www.hotforsecurity.com/blog/how-a-boobytrapped-pdf-file-could-exploit-your-chrome-browser-and-its-not-adobes-fault-14122.html

I run a sanctuary for old PCs (it's a bit like a donkey sanctuary only the fields are full of happy old PCs enjoying their twilight years). I have a suspicion that older PCs dating from around 12 years ago are more susceptible to problems with MBAE starting than modern PCs. I also have a notion that MBAE starts much more reliably when protection event logging is disabled. Perhaps someone with knowledge of the workings of MBAE could confirm or disprove my suspicions.

I am running MBARW on two systems running Windows 7 (64-bit) and one running Windows 8.1 (64-bit). All web browsers (except Opera 12.17) are the latest versions. Windows 7 (64-bit) Ultimate has Agnitum Outpost Firewall Pro 9.3, Avast 11.2.2262 Free, MBAE Free, EMET 5.2 (protecting applications not including web browsers), BitDefender AntiRansomware, Libre Office 4.1, Mozilla Firefox ESR, Google Chrome and Opera 12.17 (64-bit). Windows 7 (64-bit) Home Premium has Avast 11.2.2262 Free, MBAE Premium, MS Office 2007, Mozilla Firefox, Google Chrome and Opera 12.17 (32-bit). Windows 8.1 (64-bit) has Avast 11.2.2262 Free, MBAE Premium, MBAM Premium, MS Office 2007, Mozilla Firefox and Google Chrome. I have yet to witness a single negative issue with MBARW. I await news about the form in which the production version of MBARW will be released.

Thank you bdubrow. I look forward to further enlightenment on your product developments.

I am always evaluating defences of systems under my unpaid care. There is nothing I would rather use than Malwarebytes solutions. It's a matter of availablility. I tried BitDefender's AntiRansomware and was very disappointed that when an updated version became available, the installed previous version stopped working!!! Users of limited competence (which many are) are expected to download and install the update only to find that the previous version is still just alive, if moribund, and blocking the installation of the new version and so must first be uninstalled. Malwarebytes does far better than that. BitDefender AntiRansomware Bit the dust. MBARW beta is all that is available. I look after some computers which are many miles distant from where Iive so I must attempt to anticipate the realities of the introduction of Malwarebytes AntiRansomware technology so as to ensure continuity of defence. To that end, I am simply fishing for the information which will enable me to anticipate correctly.

I have installed AntiRansomware beta on three Windows 7/8.1 PCs without issues. I thought it better than waiting for the final form of the production release, whatever that is. A Malwarebytes beta is a better bet than most other's production software releases. Taking a chance on AntiRansomware beta is surely infinitely better than the effects of ransomware. I am guessing what the form of the release of the production AntiRansomware will be. I have read that consideration is being given to bundling it into Malwarebytes Antimalware Premium. If that is confirmed to be the plan, I hope to commit to buying some Antimalware Premium licences for my family so that they can run AntiRansomware beta along with Antimalware Premium and the process of transition from beta to production release of AntiRansomware will be seamless amd automatic. Is my speculation wide of the mark or does it make sense?

Thank you Pedro.

With Apple not releasing further updates to Quicktime for Windows, the last being in January 2016, will MBAE Premium provide effective on-going protection against possible exploits of Quicktime?

Thanks guys.

Does MBAE continue to provide web browser protection if the Premium version subscription payment lapses?

I have experienced a similar difficulty with Windows 8.1 (64-bit), Google Chrome (x86) version 49.0.2623.112 m and Trusteer Rapport. MBAE default settings were in use. The puzzling thing is that Google Chrome works fine as a browser but when I use the Chrome Settings facility to delete browser data, MBAE shows an alert re: 'ROP exploit gadget attack blocked'. If I disable CALL ROP gadget detection, I still get a similar alert for Malicious Return Address detection. Disabling CALL ROP Gadget detection and Malicious Return Address detection for Google Chrome eliminates the behaviour. An identical setup of Google Chrome and Trusteer Rapport on Windows 7 (64-bit) Home Premium does not exhibit the behaviour in the same circumstances. This issue does not stop Google Chrome being usable. I report it in case the circumstances might inform those who are investigating this.

I think that the feedback posts in this sub-forum answer my question. The users of the two systems would not be able to provide the feedback data required by MalwareBytes' techs.

I have held back from putting MBARW Beta 5 on a couple of Windows PCs which are not in my immediate reach (42 miles actually). My experience with MBAE Betas was that they never caused a system problem and were a valuable protection so I hope that MBARW is in the same category. As further Betas pour off the production line, do they have version updating limitations? Do Betas time-out into inactivity after, say, 6 months like MBAE did. Are Betas suitable for the kind of deployment as I have in mind? My sole installation of MBARW to date has been fit-and-forget. It's there but extremely unobtrusive. The comments of MalwareBytes personnel would be appreciated.

Anti-Ransomware Beta 0.9.14.361 works without issues running under Windows 7 Ultimate 64-bit with Outpost Security Suite 9.3 (no AV installed), Avast Free 2016 11.1.2253 and MBAE. It installed cleanly.

I guess I already implied the answer in my enquiry. Outpost's Web Control was created well before Anti-Exploit was even thought of. It was a good thing in its day but it is not practical to blanket block JavaScript so when an intelligent mechanism like MBAE comes along, use and trust it. Consequently, I have removed the superseded Web Control from Outpost but the firewall and HIPS features remain. I like fit-and-forget devices.

Agnitum Outpost Web Control allows a user to disable categories of active content (e.g. JavaScript, Flash, Java, Hidden Frames, ActiveX, VBScript, Scripting ActiveX) per specified web site. I would be delighted to have confirmation that the intelligence built into Anti-Exploit effectively makes the use of Web Control unnecessary.

Microsoft is desperate or complacent.

To the moderator, please edit the topic heading: - Mitigation of JSF**K exploit vulnerability exploit reported to be found on eBay i.e. please remove the second 'exploit'. Thank you.

The allegation: http://www.slashgear.com/ebay-aware-of-vulnerability-allowing-malware-distribution-no-plans-to-fix-it-04425510/ Does this allegation concern the type of exploit that MBAE is intended to mitigate?