Jump to content

Recommended Posts

Hi - I am currenly trialing MBAE and having difficulty in understanding the log reports (I am not a technical person) and cannot currenly find a good explanation.  Some I have found on the web and here seem to conflict.  The attached screen shot shows a typical report and is self-explanatory. I am using Windows 7HP SP1 up todate, either Firefox and IE11 (latest versions) and also I run Norton and MB.  I have 3 questions:

 

1) Do the black symbols and the words to the effect that Firefox 'has been enforced with anti-Heap Spraying/BottomUp' then followed by the next line up with the orange symbol that 'Firefox is now protected' mean that my compluter has been exploited ... and is now protected, or what?

 

2) I get the same thing when I use IE11, but there is always an extra line of log report saying that DEP has been enforced.

 

3) Sometimes I get a log similar to the attached, but on the top line above 'Firefox or IE is proected' you get the black symbol followed by the one of wordings as at 1) above about being enforced, it's usually the BottomUp one.

 

Many thanks for your help and explanation,

 

Bob.

post-183003-0-29527600-1423737901_thumb.

Link to post
Share on other sites

  • Staff

Welcome to the forum and thanks for posting Bob.

 

You are correct in that these concepts are difficult to understand for regular users. We are already working on version 1.06 which will get rid of all these different log entries and they will all be replaced with a simple "XYZ is now protected".

 

To answer your specific questions:

 

1- No, those entries do not mean that your computer has been exploited. The entries for exploits being blocked will say something along the lines of "An exploit code has been blocked in XYZ".

 

2 & 3- Yes, DEP, BottomUp ASLR and Anti-HeapSpraying are techniques that we apply to your applications (browsers, Office, pdf readers, etc.) so that they are hardened and more difficult to exploit. They are only applied if they don't already have them enabled. Different versions of the Operating System and/or the applications such as IE already apply different techniques so sometimes you will see the DEP message and sometimes no, depending on whether the OS and the specific version of the application have enforced DEP already or not.

 

Note: moving this thread to the Questions sub-forum.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.