Jump to content
Malwarebytes Endpoint Security reached End of Life on August 4th 2021. Click for more details.

new version available?

mario_007
 Share

Recommended Posts

alexl010

alexl010

Posted
Posted

All of my users just got this notification and none of them can install since they are not admins on their PCs.  Please send business customers a warning before doing an update like this.  My phone is ringing off the hook.  Can we get this software managed by the same console as MBAE and MBAM? 

Please provide download link for the new version.  I found a Beta 9 link but it looks like it's the consumer version. 

 

Link to post
Share on other sites
Wolflord

Wolflord

Posted
Posted (edited)

Spoke to Malwarebytes support now..they are working on the .MSI package now. Once it's complete they will provide customers with the URL. 

I don't understand why their Anti-ransomware product can't be managed from a console. So stupid 

Edited by Wolflord
Link to post
Share on other sites
tdhaslett

tdhaslett

Posted
Posted (edited)

So, I've retrieved the EXE for it, if anyone is interested. The upgrade created C:\ProgramData\MalwarebytesARW\MBAMService\instlrupdate\mbarw-setup-business-0.9.18.806.exe after I started an update from the pop-up. Note that I did not have to complete the install form here.

I grabbed it and set up a package in PDQ Deploy to push it out. After the install/update, the systray icon does not reappear, so I added a net stop / net start for mb3service at the end of the package, which gets it to reappear.

My PDQ package goes like this:

  1. File Copy to C:\temp
  2. Run install from command line with switches "/SP- /verysilent /suppressmsgboxes"
  3. delete the public desktop shortcut (just my personal preference)
  4. net stop mb3service
  5. net start mb3service

It is working well so far.

Edited by tdhaslett
Link to post
Share on other sites
tdhaslett

tdhaslett

Posted
Posted
57 minutes ago, Wolflord said:

100% agree. I really need the .MSI installer. I am happy they resolved this stupid temporary profile issue but unhappy that we don't have a .MSI to push this out remotely.

Eureka! That's what has been causing my users to get logged on with temp profiles so darn much?

Link to post
Share on other sites
Wolflord

Wolflord

Posted
Posted (edited)
3 minutes ago, tdhaslett said:

Eureka! That's what has been causing my users to get logged on with temp profiles so darn much?

Yep, it was the Anti-ransomware product. When reviewing the event logs, I found something was locking the ntuser.dat file (causing the user to log in with a temp profile). After doing some investigation, it turned out that the Anti-ransomware product was doing this..when I uninstalled the product, the issue would go away.

So it looks like this new update fixes it (when you install the update, it says it resolves this temp profile issue). But now we need the .MSI to actually push the update out to all the workstations

 

Edited by Wolflord
Link to post
Share on other sites
NetApex

NetApex

Posted
Posted
30 minutes ago, Wolflord said:

Yep, it was the Anti-ransomware product. When reviewing the event logs, I found something was locking the ntuser.dat file (causing the user to log in with a temp profile). After doing some investigation, it turned out that the Anti-ransomware product was doing this..when I uninstalled the product, the issue would go away.

 

 

Son of a gun!! Ok we had been seeing the temp profile thing more often and just hadn't put 2 and 2 together.  This will be a relief (once we get the MSI that is).  

Link to post
Share on other sites
jpereboom

jpereboom

Posted
Posted

Thanks for all of the posts.  Having the same problem as well here.  I wasn't aware that the MWB AR was causing the temporary profiles, which we have been experiencing as well.  I have a email into support as well about where to get the updated .msi and how to disable the update prompt for the end users.  

Link to post
Share on other sites
WHairstonLOI

WHairstonLOI

Posted
Posted

For those of us who are MSPs using the Malwarebytes plugin with Connectwise Automate (formerly LabTech), is this update going to be

  • automatically applied to the client workstations,
  • do we need an updated plugin, or
  • are we stuck with having to field phone calls from all of our end users and installing this update manually?

So far today, it was the latter. Like many of the above posters, VERY UNHAPPY to learn about this via a barrage of phone calls from end-user clients and to see that the update was not silently installed like the Anti-Exploit software usually is! On a related note, I still don't understand why the Anti-Malware component can't automatically update either, but that's another post...

Link to post
Share on other sites
djacobson

djacobson

Posted
Posted (edited)

@WHairstonLOI, I know where you are coming from, our own customers are upset as well, MBARW for Biz was mistakenly included on the over the air push. We had a newsletter email and update package being prepared but that isn't how it went down unfortunately.

MBARW is essentially a standalone tool, it is independent, much like Anti-Exploit is. That on-screen prompt is the auto-update function, most CU (component update) packages are silent but the code change in this update is major and requires more involvement. If your customers are local admins of their own machines, they can install the update on their own by clicking through the prompts. If not, you will need to use the installer package on the support KB link - Install Malwarebytes Anti-Ransomware as an unmanaged client - there will be a plugin update but it must be created by us then vetted by LT, so it could take a while before you see it.

Anti-Malware is not able to automatically update its revision like our next-gen products can due to the way it was originally coded and the architecture it was built on, however, there is no real need to ponder the consequences of this as there will be no more Anti-Malware for Business program versions past 1.80.2.1012. Anti-Exploit was designed to do this automatically from the get go. The new MB3 can do this now as well. MB3 for business is called Malwarebytes Endpoint Protection.

Edited by AdvancedSetup
updated links
Link to post
Share on other sites
djacobson

djacobson

Posted
Posted (edited)
22 hours ago, Wolflord said:

I don't understand why their Anti-ransomware product can't be managed from a console. So stupid 

23 hours ago, alexl010 said:

Can we get this software managed by the same console as MBAE and MBAM?

When we created the MBARW beta, people wanted it sooner than the time it would take to modify the console's code to include it, so it was released as a standalone tool to get it in peoples hands faster, just like the Anti-Rootkit (MBAR) and ADWCleaner tools, you have access to them but they are not managed products. If you are a long time console user, you may remember that it required a major update from Malwarebytes Enterprise Edition 1.3.1 to Malwarebytes Management Console 1.4.0 in order to bring managed Anti-Exploit functionality.

It was and has been intended for the long run to combine all the technologies into a single footprint agent, that development had been ongoing for some time now and that product has since released. MBARW is part of a managed solution under the new Malwarebytes Endpoint Protection product.

Edited by djacobson
Link to post
Share on other sites
rleroux

rleroux

Posted
Posted
On 25/08/2017 at 10:38 AM, djacobson said:

of this as there will be no more Anti-Malware for Business program versions past 1.80.2.1012. Anti-Exploit was designed to do this automatically from the get go. The new MB3 can do this now as well. MB3 for business is called Malwarebytes Endpoint Protection.

I'm confused about this.  Does this mean that for LT users, we are now going to be dealing with a product that will not be updated any more?  LT told me last week when I confronted them about the Endpoint Protection and why we are paying for licenses for and old version of MBAM and I was given this response:

"

I am glad to hear that your deployments were successful. Also, you mentioned why it is still version 1.80.2.1012 and the reason why this is, is because this is the only version that is compatible with the Malwarebytes plugin. "

 

This MB3 seems to have everything built in; instead of separate installers and it also has a much better dashboard than the LT plugin (and hopefully a reporting feature which I've been bugging LT about).

Why can't the MB3 version be the one pushed out and managed in this case instead of MWB, MWAE and MWAR;

 

 

Link to post
Share on other sites
jpereboom

jpereboom

Posted
Posted

Djacobson thanks for your reply to this post.  It would be great to have MBARW in the console, but I understand the timing issue that you explained.  The biggest thing that would help us is just to make sure that the users aren't presented with the update pop up going forward.  Since this is a business product, I would imagine the majority of users don't want the users presented with a box telling them to install software.  We just want to be able to push out the new versions on our own schedule, and not having many users generating phone calls and support tickets, because of a pop up message.  Will this pop up message happen again in the future or how do we disable this? 

Link to post
Share on other sites
djacobson

djacobson

Posted
Posted

@rleroux, the LT agent neglected to realize that it is not because it is the only version available to them, or the only one compatible with the plugin, it is because that version is the latest we have for the on-premises product. LT had in fact been using previous builds before culminating to 1012. MBAM 1.80.2.1012 itself is not old or out of date. It is very stable and has just about everything it could need now, it is however built upon the legacy platform. The reason for this is the fully realized API in that product version. MB3 does not support any CLI just yet, and so is not manageable by MSP platforms or our own console application. The API functionality for MB3 platform will be created in the future.

I should rephrase my statement that "there will be no more Anti-Malware for Business program versions past 1.80.2.1012". We may not go past 1.80, but there may in fact be revisions to the 1.80 main build, like we had with 1.80.1010, 1011 and then 1012, which brought MITM protection to signature updates.

Malwarebytes Endpoint Protection, which features the flagship MB3 tech, is sold by us only, no partners have the ability to sell or integrate with it at this time. If you are interested in this product, you can get a free trial of it here to test drive - https://www.malwarebytes.com/business/trial/?ref=ep

Link to post
Share on other sites
djacobson

djacobson

Posted
Posted (edited)

Hi @jpereboom, the MBARW team learned a valuable lesson from the backlash and case inundation we received, one which us B2B agents already know; that our admin customers need to have program revision update control. Bar none, end of story. Whether that's due to end user restrictions, update vetting, change control processes or just bundling all the work into one day of updates across your environment, or more honestly a week cause crap happens 😜 - the B2B team gets it, we've all been system admins in previous lives, we are your advocates and we do not want your tickets/helpdesk to blow up any more than our own. These expectations have been communicated and the MBARW team is stepping up to meet them on behalf what our people need.

There are no controls for the MBARW system tray icon, so to prevent things like this in the future, it is wholly on our shoulders here internally when the time comes to "flip the switch" for updates, so here's what we are doing; the business MBARW build will no longer be part of the over the air updates. Future updates will be done via new installers, which will be communicated in our new support community here - Business Solutions - We will also mirror this communication via forum posts and possibly the B2B newsletter emails.

Edited by AdvancedSetup
updated link
Link to post
Share on other sites
WHairstonLOI

WHairstonLOI

Posted
Posted (edited)

@djacobson Appreciate your responses to this topic. Please elaborate:

1. When we push NEW installations of MBARW using our EXISTING LT plugins, I'm still seeing the OLD version of MBARW deployed. Am I correct that this will be the standard behavior until a NEW or UPDATED LT plugin is developed and distributed?

2. If we apply the update of MBARW (either manually or via the .MSI file you've referenced), will that cause any issues with the EXISTING LT plugin? (ex: installations no longer recognized, etc.)

3. Per the question posed by @jpereboom above, after the update of MBARW is installed (either manually or via the .MSI file), will FUTURE upgrades to MBARW still have this behavior, or will we simply have transparent updates from this point forward (at least for MBARW)?

4. WHEN can we expect the new MB Endpoint Protection product to be the one installed, supported, and managed by the LT plugin? I don't expect an exact date, but a general timeframe for moving us LT partners off the legacy platform and onto the current platform would be nice to know. After all, our clients expect us to provide them with the latest, best protection, and obviously what we're working with isn't it.

Edited by WHairstonLOI
Link to post
Share on other sites
WHairstonLOI

WHairstonLOI

Posted
Posted (edited)
On 8/28/2017 at 11:03 AM, djacobson said:

Hi @jpereboom, the MBARW team learned a valuable lesson from the backlash and case inundation we received, one which us B2B agents already know; that our admin customers need to have program revision update control. Bar none, end of story. Whether that's due to end user restrictions, update vetting, change control processes or just bundling all the work into one day of updates across your environment, or more honestly a week cause crap happens 😜 - the B2B team gets it, we've all been system admins in previous lives, we are your advocates and we do not want your tickets/helpdesk to blow up any more than our own. These expectations have been communicated and the MBARW team is stepping up to meet them on behalf what our people need.

There are no controls for the MBARW system tray icon, so to prevent things like this in the future, it is wholly on our shoulders here internally when the time comes to "flip the switch" for updates, so here's what we are doing; the business MBARW build will no longer be part of the over the air updates. Future updates will be done via new installers, which will be communicated in our new support community here - Business Solutions - We will also mirror this communication via forum posts and possibly the B2B newsletter emails.



 

@djacobson So how do those of us who purchased via LabTech get automatically notified of such updates? I personally never come to this forum unless I have an issue, and I don't receive ANY current newsletters from MB. Am I supposed to make a habit now of visiting this forum and scanning posts on a regular basis just to see if there is a new MBARW installer in the future?

Moreover, will these "new installers" again require us to download new installation files, transfer those files to our LT servers, write and test new installation scripts in LT, etc?

I thought this product was supposed to SAVE us time and effort!

Edited by AdvancedSetup
updated links
Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.