Jump to content

MBAE - Java protections unticked in Advanced Settings


Recommended Posts

I have noticed that the first three Java protections in Advanced Settings in MBAE have become unticked.  Is this by design?

This has occurred with all the installations I have of Windows 7, 8.1 and 10.

I have reinstated the ticked status of those first three protections.  I guess that if they were previously enabled that it should continue.  I do not knowingly use Java.

Edited by hake
Link to post
Share on other sites

  • Staff

Hi All,

The build announcement has been made. The Java protection default setting change was intentional due to some false detections we found in the field. We have studied the threat landscape over the past few months and were comfortable to uncheck it by default. However, if you do not face any false detections with the Java protection, feel free to turn it ON.

Thank you.

Link to post
Share on other sites

I don't think it's nearly as important as it once was to guard Java mainly because most systems don't ship with it installed any more and users who do run Java for a specific purpose (such as development or running a game such as Minecraft) are probably more likely to keep it up to date than the past millions of users who had it installed out of the box by the OEMs, often not even realizing what it was or that it was even installed on the system (because they never actually used it for anything).  Hopefully I'm right and dropping these protection defaults until the FP issue is resolved won't have a negative impact on users.  I don't know how the threat landscape is these days with regards to Java based exploits, but I suspect they likely aren't nearly as prominent as they once were, largely because Java doesn't have the massive install base it once did.

Link to post
Share on other sites

Yes, I'm sure it would, assuming the .jar file is malicious.  .jar files (as well as .MSI files) are very common exploit payloads.

Malwarebytes also detects when the file extension does not match as a heuristic rule as I recall, though I'm unsure if that rule applies to .jar files.

Edited by exile360
Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.