Jump to content
Jerome84

Exploit attempt blocked Question

Recommended Posts

Yesterday and today our Malwarebytes Management console flagged 4 computers with the message Exploit attempt blocked.  Objects scanned: C:\Windows\SysWoW64\vbscript.dll. 

I've attached a log file of the scan and was wondering if its a false positive.?

 

Thanks,

Jerome

 

archived-3649-mbae-service.zip

Share this post


Link to post
Share on other sites

Welcome to the forum and thanks for posting Jerome.

 

This "Application Hardening" technique basically prevents Internet Explorer from loading the deprecated (and much abused by the bad guys) VB Scripting component vbscript.dll. So it is not a false positive since the technique is doing what it's supposed to do, i.e. preventing the vbscript.dll from loading in IE. However some corporate environments still rely on VB Scripting for certain internal applications, that's why this technique is disabled by default in the corporate build.

 

But I see that this machine, even though its managed by a Malwarebytes Management Console, has the consumer build installed on it, and this is why it's triggering this enforcement technique. You might want to upgrade this machine to the corporate build. In your ZIP package, go to the Standalone subdirectory and install the mbae-setup-{version}.exe from there. If {version} = 1.08.2.1045 then you are good. Otherwise if the version you have is lower let me know and I'll send you the latest corporate build.

Share this post


Link to post
Share on other sites

Perfect ! Thank you for your help. I just upgraded that machine to the latest corporate build and its at version 1.08.2.1045.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.