Jump to content

Recommended Posts

users are getting prompts that a new version is available. Is this legit? If so, where can I get updated installer to deploy remotely? Currently have a GPO deploying current version.

Share this post


Link to post
Share on other sites

All of my users just got this notification and none of them can install since they are not admins on their PCs.  Please send business customers a warning before doing an update like this.  My phone is ringing off the hook.  Can we get this software managed by the same console as MBAE and MBAM? 

Please provide download link for the new version.  I found a Beta 9 link but it looks like it's the consumer version. 

 

Share this post


Link to post
Share on other sites

Also interested to get the .msi installer. I have downloaded he latest MBES package, but it is still the same old version.

I was none too pleased to hear it from my users that there is an updated version available.

Share this post


Link to post
Share on other sites

100% agree. I really need the .MSI installer. I am happy they resolved this stupid temporary profile issue but unhappy that we don't have a .MSI to push this out remotely.

Share this post


Link to post
Share on other sites

Same issue as well with our install. I've put in a request to support to see if we can get a updated .exe download so I can push it out via a network install.

Share this post


Link to post
Share on other sites

We have the same issue as mentioned above, lots of calls about it. Please post once anyone finds out if they update their MSI package. I can confirm it's still the old version as of right now.

Share this post


Link to post
Share on other sites

Spoke to Malwarebytes support now..they are working on the .MSI package now. Once it's complete they will provide customers with the URL. 

I don't understand why their Anti-ransomware product can't be managed from a console. So stupid 

Edited by Wolflord

Share this post


Link to post
Share on other sites

So, I've retrieved the EXE for it, if anyone is interested. The upgrade created C:\ProgramData\MalwarebytesARW\MBAMService\instlrupdate\mbarw-setup-business-0.9.18.806.exe after I started an update from the pop-up. Note that I did not have to complete the install form here.

I grabbed it and set up a package in PDQ Deploy to push it out. After the install/update, the systray icon does not reappear, so I added a net stop / net start for mb3service at the end of the package, which gets it to reappear.

My PDQ package goes like this:

  1. File Copy to C:\temp
  2. Run install from command line with switches "/SP- /verysilent /suppressmsgboxes"
  3. delete the public desktop shortcut (just my personal preference)
  4. net stop mb3service
  5. net start mb3service

It is working well so far.

Edited by tdhaslett

Share this post


Link to post
Share on other sites
57 minutes ago, Wolflord said:

100% agree. I really need the .MSI installer. I am happy they resolved this stupid temporary profile issue but unhappy that we don't have a .MSI to push this out remotely.

Eureka! That's what has been causing my users to get logged on with temp profiles so darn much?

Share this post


Link to post
Share on other sites
3 minutes ago, tdhaslett said:

Eureka! That's what has been causing my users to get logged on with temp profiles so darn much?

Yep, it was the Anti-ransomware product. When reviewing the event logs, I found something was locking the ntuser.dat file (causing the user to log in with a temp profile). After doing some investigation, it turned out that the Anti-ransomware product was doing this..when I uninstalled the product, the issue would go away.

So it looks like this new update fixes it (when you install the update, it says it resolves this temp profile issue). But now we need the .MSI to actually push the update out to all the workstations

 

Edited by Wolflord

Share this post


Link to post
Share on other sites
30 minutes ago, Wolflord said:

Yep, it was the Anti-ransomware product. When reviewing the event logs, I found something was locking the ntuser.dat file (causing the user to log in with a temp profile). After doing some investigation, it turned out that the Anti-ransomware product was doing this..when I uninstalled the product, the issue would go away.

 

 

Son of a gun!! Ok we had been seeing the temp profile thing more often and just hadn't put 2 and 2 together.  This will be a relief (once we get the MSI that is).  

Share this post


Link to post
Share on other sites

Thanks for all of the posts.  Having the same problem as well here.  I wasn't aware that the MWB AR was causing the temporary profiles, which we have been experiencing as well.  I have a email into support as well about where to get the updated .msi and how to disable the update prompt for the end users.  

Share this post


Link to post
Share on other sites

Thank you for the information.  I am also a loyal PDQ user and will follow your instructions to update since there is no MSI

Share this post


Link to post
Share on other sites

Thanks for the info about PDQ Deploy. I was thinking about using that software for other software. In the meantime, yeah, waiting for MSI. Unfortunately, I'm only part-time, so waiting if available by tomorrow.

Share this post


Link to post
Share on other sites

For those of us who are MSPs using the Malwarebytes plugin with Connectwise Automate (formerly LabTech), is this update going to be

  • automatically applied to the client workstations,
  • do we need an updated plugin, or
  • are we stuck with having to field phone calls from all of our end users and installing this update manually?

So far today, it was the latter. Like many of the above posters, VERY UNHAPPY to learn about this via a barrage of phone calls from end-user clients and to see that the update was not silently installed like the Anti-Exploit software usually is! On a related note, I still don't understand why the Anti-Malware component can't automatically update either, but that's another post...

Share this post


Link to post
Share on other sites

@WHairstonLOI, I know where you are coming from, our own customers are upset as well, MBARW for Biz was mistakenly included on the over the air push. We had a newsletter email and update package being prepared but that isn't how it went down unfortunately.

MBARW is essentially a standalone tool, it is independent, much like Anti-Exploit is. That on-screen prompt is the auto-update function, most CU (component update) packages are silent but the code change in this update is major and requires more involvement. If your customers are local admins of their own machines, they can install the update on their own by clicking through the prompts. If not, you will need to use the installer package on the support KB link - https://support.malwarebytes.com/docs/DOC-2012 - there will be a plugin update but it must be created by us then vetted by LT, so it could take a while before you see it.

Anti-Malware is not able to automatically update its revision like our next-gen products can due to the way it was originally coded and the architecture it was built on, however, there is no real need to ponder the consequences of this as there will be no more Anti-Malware for Business program versions past 1.80.2.1012. Anti-Exploit was designed to do this automatically from the get go. The new MB3 can do this now as well. MB3 for business is called Malwarebytes Endpoint Protection.

Share this post


Link to post
Share on other sites
22 hours ago, Wolflord said:

I don't understand why their Anti-ransomware product can't be managed from a console. So stupid 

23 hours ago, alexl010 said:

Can we get this software managed by the same console as MBAE and MBAM?

When we created the MBARW beta, people wanted it sooner than the time it would take to modify the console's code to include it, so it was released as a standalone tool to get it in peoples hands faster, just like the Anti-Rootkit (MBAR) and ADWCleaner tools, you have access to them but they are not managed products. If you are a long time console user, you may remember that it required a major update from Malwarebytes Enterprise Edition 1.3.1 to Malwarebytes Management Console 1.4.0 in order to bring managed Anti-Exploit functionality.

It was and has been intended for the long run to combine all the technologies into a single footprint agent, that development had been ongoing for some time now and that product has since released. MBARW is part of a managed solution under the new Malwarebytes Endpoint Protection product.

Edited by djacobson

Share this post


Link to post
Share on other sites
On 25/08/2017 at 10:38 AM, djacobson said:

of this as there will be no more Anti-Malware for Business program versions past 1.80.2.1012. Anti-Exploit was designed to do this automatically from the get go. The new MB3 can do this now as well. MB3 for business is called Malwarebytes Endpoint Protection.

I'm confused about this.  Does this mean that for LT users, we are now going to be dealing with a product that will not be updated any more?  LT told me last week when I confronted them about the Endpoint Protection and why we are paying for licenses for and old version of MBAM and I was given this response:

"

I am glad to hear that your deployments were successful. Also, you mentioned why it is still version 1.80.2.1012 and the reason why this is, is because this is the only version that is compatible with the Malwarebytes plugin. "

 

This MB3 seems to have everything built in; instead of separate installers and it also has a much better dashboard than the LT plugin (and hopefully a reporting feature which I've been bugging LT about).

Why can't the MB3 version be the one pushed out and managed in this case instead of MWB, MWAE and MWAR;

 

 

Share this post


Link to post
Share on other sites

Djacobson thanks for your reply to this post.  It would be great to have MBARW in the console, but I understand the timing issue that you explained.  The biggest thing that would help us is just to make sure that the users aren't presented with the update pop up going forward.  Since this is a business product, I would imagine the majority of users don't want the users presented with a box telling them to install software.  We just want to be able to push out the new versions on our own schedule, and not having many users generating phone calls and support tickets, because of a pop up message.  Will this pop up message happen again in the future or how do we disable this? 

Share this post


Link to post
Share on other sites

@rleroux, the LT agent neglected to realize that it is not because it is the only version available to them, or the only one compatible with the plugin, it is because that version is the latest we have for the on-premises product. LT had in fact been using previous builds before culminating to 1012. MBAM 1.80.2.1012 itself is not old or out of date. It is very stable and has just about everything it could need now, it is however built upon the legacy platform. The reason for this is the fully realized API in that product version. MB3 does not support any CLI just yet, and so is not manageable by MSP platforms or our own console application. The API functionality for MB3 platform will be created in the future.

I should rephrase my statement that "there will be no more Anti-Malware for Business program versions past 1.80.2.1012". We may not go past 1.80, but there may in fact be revisions to the 1.80 main build, like we had with 1.80.1010, 1011 and then 1012, which brought MITM protection to signature updates.

Malwarebytes Endpoint Protection, which features the flagship MB3 tech, is sold by us only, no partners have the ability to sell or integrate with it at this time. If you are interested in this product, you can get a free trial of it here to test drive - https://www.malwarebytes.com/business/trial/?ref=ep

Share this post


Link to post
Share on other sites

Hi @jpereboom, the MBARW team learned a valuable lesson from the backlash and case inundation we received, one which us B2B agents already know; that our admin customers need to have program revision update control. Bar none, end of story. Whether that's due to end user restrictions, update vetting, change control processes or just bundling all the work into one day of updates across your environment, or more honestly a week cause crap happens ;p - the B2B team gets it, we've all been system admins in previous lives, we are your advocates and we do not want your tickets/helpdesk to blow up any more than our own. These expectations have been communicated and the MBARW team is stepping up to meet them on behalf what our people need.

There are no controls for the MBARW system tray icon, so to prevent things like this in the future, it is wholly on our shoulders here internally when the time comes to "flip the switch" for updates, so here's what we are doing; the business MBARW build will no longer be part of the over the air updates. Future updates will be done via new installers, which will be communicated in our new support community here - https://support.malwarebytes.com/community/business - We will also mirror this communication via forum posts and possibly the B2B newsletter emails.

Share this post


Link to post
Share on other sites

@djacobson Appreciate your responses to this topic. Please elaborate:

1. When we push NEW installations of MBARW using our EXISTING LT plugins, I'm still seeing the OLD version of MBARW deployed. Am I correct that this will be the standard behavior until a NEW or UPDATED LT plugin is developed and distributed?

2. If we apply the update of MBARW (either manually or via the .MSI file you've referenced), will that cause any issues with the EXISTING LT plugin? (ex: installations no longer recognized, etc.)

3. Per the question posed by @jpereboom above, after the update of MBARW is installed (either manually or via the .MSI file), will FUTURE upgrades to MBARW still have this behavior, or will we simply have transparent updates from this point forward (at least for MBARW)?

4. WHEN can we expect the new MB Endpoint Protection product to be the one installed, supported, and managed by the LT plugin? I don't expect an exact date, but a general timeframe for moving us LT partners off the legacy platform and onto the current platform would be nice to know. After all, our clients expect us to provide them with the latest, best protection, and obviously what we're working with isn't it.

Edited by WHairstonLOI

Share this post


Link to post
Share on other sites
14 minutes ago, djacobson said:

Hi @jpereboom, the MBARW team learned a valuable lesson from the backlash and case inundation we received, one which us B2B agents already know; that our admin customers need to have program revision update control. Bar none, end of story. Whether that's due to end user restrictions, update vetting, change control processes or just bundling all the work into one day of updates across your environment, or more honestly a week cause crap happens ;p - the B2B team gets it, we've all been system admins in previous lives, we are your advocates and we do not want your tickets/helpdesk to blow up any more than our own. These expectations have been communicated and the MBARW team is stepping up to meet them on behalf what our people need.

There are no controls for the MBARW system tray icon, so to prevent things like this in the future, it is wholly on our shoulders here internally when the time comes to "flip the switch" for updates, so here's what we are doing; the business MBARW build will no longer be part of the over the air updates. Future updates will be done via new installers, which will be communicated in our new support community here - https://support.malwarebytes.com/community/business - We will also mirror this communication via forum posts and possibly the B2B newsletter emails.



 

@djacobson So how do those of us who purchased via LabTech get automatically notified of such updates? I personally never come to this forum unless I have an issue, and I don't receive ANY current newsletters from MB. Am I supposed to make a habit now of visiting this forum and scanning posts on a regular basis just to see if there is a new MBARW installer in the future?

Moreover, will these "new installers" again require us to download new installation files, transfer those files to our LT servers, write and test new installation scripts in LT, etc?

I thought this product was supposed to SAVE us time and effort!

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.