Jump to content

Exploit payload process blocked WHY???

bethieskulls

By bethieskulls
in Exploit

 Share

Recommended Posts

Porthos

Porthos

Posted
Posted
6 hours ago, houseitems said:

Just did the update but it Malwarebytes is preventing my opening a Word Document, that I created.

Your screenshot shows you did not install the Beta that fixes this issue.

Please make sure you go to Settings, General and enable Beta. Then scroll back to the top and check for updates. Install the update and restart the computer Thanks

Link to post
Share on other sites
exile360

exile360

Posted
Posted

A new build has just been released, so if you have not installed it already, please open Malwarebytes and check for updates and install it, then restart the system once it finishes and see if the issue has been resolved or not.

If it still persists, open Malwarebytes and navigate to settings by clicking the small gear icon in the upper right, then select the Security sub-tab and scroll down to the Exploit Protection section and make sure the option to block penetration testing attacks is set to Off (it should be by default, however it's a known issue that some defaults are not configured properly on some installations), then click the Advanced settings button and click on the Restore Defaults button at the bottom of the advanced settings window.  Once that's done, wait approximately 30 seconds to allow the protection to refresh itself, then test to see if the issue still occurs or not.

Please let us know how it goes.

Thanks

Link to post
Share on other sites
Porthos

Porthos

Posted
Posted
1 minute ago, MajikTom said:

This fix lasted one day. It's now happening again this morning. Can't open any MS office files.... Exploit Blocked...

Did you check the following?

If it still persists, open Malwarebytes and navigate to settings by clicking the small gear icon in the upper right, then select the Security sub-tab and scroll down to the Exploit Protection section and make sure the option to block penetration testing attacks is set to Off (it should be by default, however it's a known issue that some defaults are not configured properly on some installations), then click the Advanced settings button and click on the Restore Defaults button at the bottom of the advanced settings window.  Once that's done, wait approximately 30 seconds to allow the protection to refresh itself, then test to see if the issue still occurs or not.

Link to post
Share on other sites
  • Staff
Arthi

Arthi

Posted
  • Staff
Posted (edited)

Hi MajikTom,

Can you please post this file here C:\ProgramData\Malwarebytes\MBAMService\logs\mbae-default.log

There were multiple Exploit protection related issues - some of it resolved with restore default settings and turning off Penetration testing protection, some of them were fixed in the last product update released, some of them we are still taking a look into. So I would really like to check this log so I can offer a workaround/resolution accordingly.

Thank you.

 

Edited by Arthi
Link to post
Share on other sites
NovaRays

NovaRays

Posted
Posted

Hello all, I'm not a tech guy but I did have the same issue. I noticed that it only affected Microsoft documents I had stored in my OneDrive.  I sent a copy from OneDrive to my coworker and after downloading it to my desktop, it opened without any issue. For me anyway, it seems to be that Windows OneDrive was causing the problem.  Alternatively after testing, I found I could also right click on the file in OneDrive and choose the 'Send to' option and send it to another drive or a USB and it also opens without issue. Hope this can help someone. 

Link to post
Share on other sites
exile360

exile360

Posted
Posted

If you haven't done so already, please try opening Malwarebytes, navigating to settings by clicking the small gear icon in the upper right, then selecting the Security tab and ensuring that the option for blocking penetration testing attacks is disabled, then click the Advanced settings button and click on the Restore Defaults button at the bottom.  Once that's done, wait around 30 seconds to allow the protection to refresh and settle down (or just restart the system) and test to see if the issue is now corrected or not.

Link to post
Share on other sites
NovaRays

NovaRays

Posted
Posted

Thank you exile360. That seems to resolve the issue with OneDrive.  However, now my concern would be not having protection against penetrating testing attacks.  For now, I think the work-around of not opening directly in OneDrive will be OK.  Hopefully since the issue is known it will get resolved without the need to disable the feature.

Link to post
Share on other sites
exile360

exile360

Posted
Posted

To allay your fears a bit, penetration testing attacks are just what they sound like; they're just tests performed by professionals that are hired by companies to test their security measures, not defenses against actual in-the-wild malware/hackers, so you really aren't losing any protection from anything you'd ever encounter in the real world.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.