Jump to content

Recommended Posts

I'm not clear what the difference is between these two programs?

Most immediately, I want something to remove an ad pop-up malware that infected my win7 laptop when I tried to load (I see now a bad copy of) open office.

Long term, what will be good to use along with my antivirus program (right now it's Norton but I'm considering switching to bit defender)?

Thanks, David.

Link to post
Share on other sites

Malwarebytes' Anti-Malware (MBAM) is a program that uses Heuristics and Signatures to detect and/or block certain types of malicious executable binaries as well as block the IP addresses of malicious or nefarious sites.

 

Malwarebytes' Anti-Exploit (MBAE) is a program that thwarts the ability of software to take advantage of a software vulnerability that can be used in an attack vector by exploiting it and inserting malware on a computer without the user's knowledge.  For example one way this is done is through a process known as as a buffer overflow with an elevation of privileges.  That means that if a program is given the right type of string that overflows its buffers then in the process of exploiting the vulnerability the process gets high level administrator privileges and can do things to the OS that only an administrator can do even if the account being used has "Limited User Access" (LUA account).

 

In short MBAM detects and/or blocks malicious files and Internet Addresses while MBAE looks at the malicious actions of exploiting vulnerabilities and blocks those actions from taking place.

 

References:

http://en.wikipedia.org/wiki/Application_security

http://en.wikipedia.org/wiki/Privilege_escalation

Link to post
Share on other sites

Then I suggest that you take the time to learn about Computer Threats.  Understanding them will go a long way in protecting you from them.  Not understanding the threats means you have a greater propensity to be affected (compromised) by them.

 

To start, please read the references I provided.

Link to post
Share on other sites

Let's try this...

 

You use a particular lock on you house door.  Unfortunately the manufacturer of the lock had a bad quality control run that introduced a flaw in the lock you use.  A criminal knows all about that flaw and found that if a paperclip is used a certain way he can gain entry into your home.  Once inside, he can do whatever he wants.

 

That is a parallel to MBAE.  It protects the lock such that the criminal can't succeed.

 

I have a smart house.  The door knob has a fingerprint identification sensor built it.  If a burglar touches the door knob it scans his fingerprints and if it is found in a known felon database then the house goes into a lock-down mode,  a loud siren is sounded and the police are automatically summoned.

 

That is a parallel to MBAM.

Link to post
Share on other sites

  • Staff

Another example I typically use is that MBAE blocks the HOW you get infected and MBAM blocks the WHAT you get infected with.

 

This is over-simplifying things as MBAM also blocks some of the how you get infected with the IP Blocker, but the example works well for explaining exploit-driven infections.

 

In short, we recommend you install both.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.