Jump to content
pbust

Automatic upgrades to 1.08

Recommended Posts

Auto-upgrades to 1.08 for Free/Premium users has been activated.

 

The version being pushed out is 1.08.1.1045 which disables the RET-ROP technique until we can fine-tune it further.

 

 

Share this post


Link to post
Share on other sites

While I have had no problems with RET ROP gadget detection during several weeks of beta testing use, your caution in the disabling of the feature in MBAE 1.08.1.1045 is much appreciated.  It is good for my peace of mind that those for whom I have installed MBAE Premium at some distance from my home are unlikely to be calling me about problems caused by your software.

 

I would imagine that when the RET ROP issues are resolved that RET ROP will again be selectively enabled by version update.

 

All the installations of MBAE which I have seen today updated quickly and silently at either startup or first logon.

Share this post


Link to post
Share on other sites

I did get the new version (I think) but now MBAE no longer starts when I boot my computer. All I get is the following message:

 

Malwarebytes Anti-Exploit Protection is not started. (sad but true)

The Anti-Exploit process will be terminated. (How can it be terminated when it could not even be started? Hm...)

Share this post


Link to post
Share on other sites

Should I perhaps follow the directions posted in here: https://forums.malwarebytes.org/index.php?/topic/171634-anti-exploit-not-started-after-upgrade-to-windows-10/

 

I have never had any problems with MBAE. The previous build, 1044, just worked fine here. It's the first time I got this error message.

 

UPDATE: Following the directions mentioned above seems to have resoved the problem. Everything's back to normal. Let's hope this problem will not resurface; if it does, I will tell you. Thanks for the upgrade, Pedro. :)

Share this post


Link to post
Share on other sites

I checked all the RET ROP options and found that Mozilla Thunderbird 38.3.0 (MBAE application type 'Other') tripped RET ROP gadget detection with Windows XP SP3 on MBAE 1.08.1.1045 but did not with the previous MBAE 1.08.1.1044.  There would therefore seem to be more changes made from version 1044 to version 1045 than simply disabling RET ROP gadget detection.

 

On another XP SP3 system, Outlook Express (also MBAE application type 'Other') did not trip RET ROP gadget detection on either MBAE 1.08.1.1044 or 1045.

Share this post


Link to post
Share on other sites

We had done "some" finetuning for 1044 but saw that wasn't enough. So we un-did the finetunings and simply deactivated RET-ROP in 1045. So if you activated it again, you introduced some false triggers that were fixed prior to 1044.

Share this post


Link to post
Share on other sites

Started my notebook appx: an hour ago and the free version upgraded from 1044 to 1045 before I touched the keyboard. Nice work Pedro !!!  :)  (Windows 7 64bit  (SP1) )

Share this post


Link to post
Share on other sites

it gave me this message: Malwarebytes Anti Exploit protection is not started. The anti exploit process will be terminated.

 

oddly enough it was working well yesterday, I have uninstalled and reinstalled it and it is working again, 

Share this post


Link to post
Share on other sites

Just for the record, I had the very same problem. I also had to uninstall and reinstall MBAE to fix this problem. Now that I have booted my machine again, the MBAE icon is no longer to be seen in systray, even though it should be there according to my Windows settings. I sometimes had this problem with earlier versions as well. Might be a Windows 10-specific problem. Don't know. Well, at least I can find MBAE in task manager.

Share this post


Link to post
Share on other sites

Just an FYI

The 'auto update' process worked like a charm on all my OS's :)

Share this post


Link to post
Share on other sites

Just rebooted my computer again and the MBAE icon is clearly visible in systray. :blink:

Anyway, MBAE seems to be running smoothly now after last night's upgrade hiccup. :)

Share this post


Link to post
Share on other sites

Just wanted to add that I am running MBAE Free, version 1.08.1.1044, on Windows 7 Professional SP1, 32-bit. Have been running 1044 trouble free, even with RET-ROP detection enabled. No false detections yet on any of my browsers, Chrome 46, Firefox 42, and IE11.

 

Only ended up here because I was trying to figure out why 1045 was being pushed (prompted to update today) and what it fixed.

 

Ran a google search on RET-ROP, and now I think I will keep this feature enabled!!!

 

Is there any other benefit to updating to 1045 besides just unchecking this troublesome detection?

Share this post


Link to post
Share on other sites

I have always kept all the MBAE features enabled. I can only guess, Tinstaafl. Maybe there have been problems with RET-ROP that aren't "fine-tuned" yet. Apart from the "automatic" upgrade to build 1045, which wasn't "automatic" in my case (see above), I have never had any problems with MBAE. I'm sure Pedro can shed some light on this issue. Pedro? :)

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.