Jump to content

More options upon detected "Exploit"


Tiare

Recommended Posts

With the two or three false positives that i wound up dealing with, it occurred to me that perhaps when it detects something that it thinks is an exploit it should say something along the lines of 

 

"Malware bytes AE has detected what it thinks is an exploit *Button to bring up details of why it thinks an exploit has been found, Labeled 'show details'*"

 

Do you want to:

 

-Block

-Ignore

-Allow and add exclusion

 

Just something that in theory wouldn't be too tough to integrate, Thanks for your time whoever is reading this!

Link to post
Share on other sites

  • Staff

Thanks for the suggestion Tiare.

Since we are still finishing the anti-exploit engine we prefer to find out about potential problems so we can fix them. If we implement your suggestion fully we win't find out about potential bugs and won't be able to fix them. It is possible that once MBAE comes out of beta we might implement something similar to what you are suggesting, but for now we want to know if there are problems so we can fix them.

Btw., there is currently the possibility of excluding certain types of blocked payloads in its current beta form.

Link to post
Share on other sites

Thanks for the suggestion Tiare.

Since we are still finishing the anti-exploit engine we prefer to find out about potential problems so we can fix them. If we implement your suggestion fully we win't find out about potential bugs and won't be able to fix them. It is possible that once MBAE comes out of beta we might implement something similar to what you are suggesting, but for now we want to know if there are problems so we can fix them.

Btw., there is currently the possibility of excluding certain types of blocked payloads in its current beta form.

 

Feh, Thanks anyways. I assume that it's doing something even in it's beta state, Or at least i hope

Link to post
Share on other sites

  • Staff

Yes, you can verify that it is working by using the Exploit-Test utility found here:

https://forums.malwarebytes.org/index.php?showtopic=139368

 

Also you can view the intro video that was made for the very first beta of what would later become MBAE in the following URL. In this vid it shows MBAE against a wide variety of exploit kits in the wild:

--https://www.youtube.com/watch?v=RAHXzfySgYg

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.