Jump to content

Anti-Exploit question


dontcare

Recommended Posts

Hello

 

I am using Malwarebytes Anti-Exploit premium to shield my browsers etc. Would it be wise to also shield programs that I don't 100% trust just as added security? For example I downloaded a youtube video downloader. Scanned it with bitdefender and malwarebytes and it was clean.

Just as an extra layer of security I want to also shield it. Will it help to protect me if the program decides to do something fishy?

 

Thanks

Link to post
Share on other sites

You don't understand what an anti exploit application really is.
 
When one talks about an "exploit" there are two basic kinds.
 
*  Exploiting a software vulnerability to gain elevated privileges to effect a compromise
 
*  Taking advantage of a capability to use in their benefit in an unexpected or unanticipated way.
 
As an example of the first case I'll use the Lovsan/Blaster worm.  It exploited a software vulnerability in the Operating System RPCSS/DCOM which uses TCP port 135.  The Lovsan/Blaster worm would send a specific set or string of characters to TCP port 135 to create a "buffer overflow with an elevation of privileges" condition where if successful, the worm would create a BLASTER.EXE on the target system and then execute it.  Once the PC was infected it would seek new hosts and the Lovsan/Blaster worm would spread exponentially.
 
As an example of the second  case I'll use the Wimad trojan.  The Wimad trojan takes advantage of the Digital Rights Management (DRM) incorporated in media files such as MP3, WMV and other music and video files.  By taking advantage of the DRM, it would be used in combination of Social Engineering and one's desire for "free music" or a "free movie" to cause the person to download and run some malicious program.
 
Therefore you use an anti exploitation application to thwart the malicious activity of deliberately exploiting a vulnerability to effect a system compromise.
 
One may use a specially crafted...

  • PDF file to exploit a vulnerability in a PDF viewer like Adobe Reader or FoxIt.
  • MOV file to exploit a vulnerability in a Apple's QuickTime renderer.
  • GIF file to exploit a vulnerability in Microsoft's Graphics Device Interface (GDI).
  • DOC, XLS or other MS Office document file to exploit a vulnerability in Microsoft Office.
  • RMP file to exploit a vulnerability in RealPlayer.

It is for situations as enumerated above where an anti exploit application will be used to monitor and shield a given application, which exhibits vulnerabilities, from attempts using the vulnerability/exploitation attack vector.  It is not for untrusted applications.
 
The intention is to monitor and shield a given application which has a propensity of being exploited.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.