Jump to content

Recommended Posts

While I have had no problems with RET ROP gadget detection during several weeks of beta testing use, your caution in the disabling of the feature in MBAE 1.08.1.1045 is much appreciated.  It is good for my peace of mind that those for whom I have installed MBAE Premium at some distance from my home are unlikely to be calling me about problems caused by your software.

 

I would imagine that when the RET ROP issues are resolved that RET ROP will again be selectively enabled by version update.

 

All the installations of MBAE which I have seen today updated quickly and silently at either startup or first logon.

Link to post
Share on other sites

I did get the new version (I think) but now MBAE no longer starts when I boot my computer. All I get is the following message:

 

Malwarebytes Anti-Exploit Protection is not started. (sad but true)

The Anti-Exploit process will be terminated. (How can it be terminated when it could not even be started? Hm...)

Link to post
Share on other sites

Should I perhaps follow the directions posted in here: https://forums.malwarebytes.org/index.php?/topic/171634-anti-exploit-not-started-after-upgrade-to-windows-10/

 

I have never had any problems with MBAE. The previous build, 1044, just worked fine here. It's the first time I got this error message.

 

UPDATE: Following the directions mentioned above seems to have resoved the problem. Everything's back to normal. Let's hope this problem will not resurface; if it does, I will tell you. Thanks for the upgrade, Pedro. :)

Link to post
Share on other sites

I checked all the RET ROP options and found that Mozilla Thunderbird 38.3.0 (MBAE application type 'Other') tripped RET ROP gadget detection with Windows XP SP3 on MBAE 1.08.1.1045 but did not with the previous MBAE 1.08.1.1044.  There would therefore seem to be more changes made from version 1044 to version 1045 than simply disabling RET ROP gadget detection.

 

On another XP SP3 system, Outlook Express (also MBAE application type 'Other') did not trip RET ROP gadget detection on either MBAE 1.08.1.1044 or 1045.

Link to post
Share on other sites

Just for the record, I had the very same problem. I also had to uninstall and reinstall MBAE to fix this problem. Now that I have booted my machine again, the MBAE icon is no longer to be seen in systray, even though it should be there according to my Windows settings. I sometimes had this problem with earlier versions as well. Might be a Windows 10-specific problem. Don't know. Well, at least I can find MBAE in task manager.

Link to post
Share on other sites

Just wanted to add that I am running MBAE Free, version 1.08.1.1044, on Windows 7 Professional SP1, 32-bit. Have been running 1044 trouble free, even with RET-ROP detection enabled. No false detections yet on any of my browsers, Chrome 46, Firefox 42, and IE11.

 

Only ended up here because I was trying to figure out why 1045 was being pushed (prompted to update today) and what it fixed.

 

Ran a google search on RET-ROP, and now I think I will keep this feature enabled!!!

 

Is there any other benefit to updating to 1045 besides just unchecking this troublesome detection?

Link to post
Share on other sites

I have always kept all the MBAE features enabled. I can only guess, Tinstaafl. Maybe there have been problems with RET-ROP that aren't "fine-tuned" yet. Apart from the "automatic" upgrade to build 1045, which wasn't "automatic" in my case (see above), I have never had any problems with MBAE. I'm sure Pedro can shed some light on this issue. Pedro? :)

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.