Jump to content

MB v4.5.4 Security Advisor Warning for Tamper Protection Confusing


lmacri

Recommended Posts

I happened to check my Security Advisor recommendations in MB Premium v4.5.4 yesterday and was in a bit of panic when I saw that Security Advisor was recommending that I turn ON Tamper Protection to "prevent unauthorized changes".

1449778692_MBPremiumv4_5_4SecurityAdvisorTamperProtectionDisabled20Feb2022.png.3935a3e1ecb9676c7dc029077551663f.png

 

I confirmed that my Self-Protection module at Settings Security | Windows Startup | Advanced | Enable Self-Protection Module was still turned ON and found a Tamper Protection setting, which I didn't recall seeing before, at Settings General | Tamper Protection that was turned OFF by default.

1626746033_MBPremiumv4_5_4SettingsSecurityWindowsStartupAdvancedSelf-ProtectionEnabled20Feb2022.png.f9c3f25bede51e9d4a2621e09a78264d.png

1006266155_MBPremiumv4_5_4SettingsGeneralTamperProtectionDisabled20Feb2022.png.67dc65b3d538499085b0e0d1746ea6c5.png


However, I wasn't entirely sure how Tamper Protection differed from Self-Protection until I found Erix's What's New in 4.4.6 release notes from 07-Sep-2021 stating "User Access Controls renamed to Tamper Protection".  The support article at Restrict Uninstallation of Malwarebytes for Windows provided further clarification.

Most anitvirus programs use the term "tamper protection" to describe the security feature that prevents malicious apps or outside programs from making changes to their software (e.g., disabling real-time protection, injecting malicious code, etc. - see the Microsoft Defender support article Prevent Changes to Security Settings with Tamper Protection for one example), which I assume is the equivalent of Malwarebytes' "self-protection".

I don't understand why Malwarebytes chose to rename the self-explanatory "User Access Controls" to "Tamper Protection", and I'm afraid that many MB Premium v4.5.4 users who see that Security Advisor recommendation to turn ON Tamper Protection (a setting that is turn OFF by default) will believe they are actually enabling Self-Protection and might not understand the actual purpose of adding password protection to Tamper Protection.  I would prefer if Malwarebytes changed the term "Tamper Protection" back to "User Access Controls", but if that isn't possible then changing the wording of the Security Advisor warning for Tamper Protection from "prevent unauthorized changes" to "prevent unauthorized changes by other users sharing your device" or "prevent other users from uninstalling Malwarebytes" might help alleviate some of the confusion.
-----------
64-bit Win 10 Pro v21H2 build 19044.1526 * Firefox v97.0.1 * Microsoft Defender v4.18.2201.10-1.1.18900.3 * Malwarebytes Premium v4.5.4.168-1.0.1599
Dell Inspiron 15 5584, Intel i5-8265U CPU, 8 GB RAM, 256 GB Toshiba KBG40ZNS256G NVMe SSD, Intel UHD Graphics 620

Edited by lmacri
  • Thanks 1
Link to post
Share on other sites

  • lmacri changed the title to MB v4.5.4 Security Advisor Warning for Tamper Protection Confusing
  • 1 month later...

Has the Security Advisor warning for Tamper Protection been removed in Malwarebytes v4.5.7 (rel. 29-Mar-2022)?  As far as I know I don't currently have any dismissed (hidden) warnings in Security Advisor but the General Settings section no longer appears to be checking the status of my Tamper Protection setting as it did in earlier versions (see the first image of my MB v4.5.4 Security Advisor <above>).

2081978420_MBPremiumv4_5_7SecurityAdvisorTamperProtectionWarningRemoved31Mar2022.png.a5e03e29b93d8fc6d50cf45dd7f58156.png

I confirmed that Tamper Protection is still turned off in the General tab of my Malwarebytes v4.5.7 settings.

 470819969_MBPremiumv4_5_4SettingsGeneralTamperProtectionDisabled31Mar2022.png.2dc3ba3761094a541a9717a48289eae1.png

If Security Advisor is no longer checking the status of this setting then that is a step in the right direction, but note that I would still prefer if Malwarebytes would change the term "Tamper Protection" back to "User Access Controls" as I suggested in my original 20-Feb-2022 post.
-----------
64-bit Win 10 Pro v21H2 build 19044.1586 * Firefox v98.0.2 * Microsoft Defender v4.18.2202.4-1.1.19000.8 * Malwarebytes Premium 4.5.7.186-1.0.1645
Dell Inspiron 15 5584, Intel i5-8265U CPU, 8 GB RAM, 256 GB Toshiba KBG40ZNS256G NVMe SSD, Intel UHD Graphics 620

Link to post
Share on other sites

52 minutes ago, lmacri said:

but note that I would still prefer if Malwarebytes would change the term "Tamper Protection" back to "User Access Controls" as I suggested in my original 20-Feb-2022 post.

I second that as users are confused by the term and assume it protects Malwarebytes itself from outside tampering and not other physical tampering by other local users of the computer.

Malwarebytes already prevents outside users or other software from affecting it. "Self-Protection"

Link to post
Share on other sites

  • Root Admin

Can we get new MBST logs please.

 

To begin, please do the following so that we may take a closer look at your installation for troubleshooting:

NOTE: The tools and the information obtained are safe and not harmful to your privacy or your computer, please allow the programs to run if blocked by your system.

  • Download the Malwarebytes Support Tool
  • In your Downloads folder, open the mb-support-x.x.x.xxx.exe file
  • In the User Account Control pop-up window, click Yes to continue the installation
  • Run the MBST Support Tool
  • In the left navigation pane of the Malwarebytes Support Tool, click Advanced
  • In the Advanced Options, click Gather Logs. A status diagram displays the tool is Getting logs from your machine
  • A zip file named mbst-grab-results.zip will be saved to your desktop, please upload that file on your next reply

Thank you

 

Link to post
Share on other sites

Hi AdvancedSetup:

Here's a new set of diagnostic logs.

mbst-grab-results.zip

I'm not clear if the status of the Tamper Protection setting is still supposed to be monitored by Security Advisor in MB v4.5.7,  but I should note that I seem to be having other problems with Security Monitor [i.e., dismissed (hidden) warnings can only be hidden for ~ 30 days before I see a reminder, even though this Security Advisor behaviour was supposed to stop back in January 2022].  See my 30-Mar-2022 post in my Dec 2021 thread Security Advisor Warning Returns After Being Dismissed in MB v4.4.10 for recent screenshots.  If you think there's something wrong with my MB v4.5.7 installation that might be a better thread to do troubleshooting.
-----------
64-bit Win 10 Pro v21H2 build 19044.1586 * Firefox v98.0.2 * Microsoft Defender v4.18.2202.4-1.1.19000.8 * Malwarebytes Premium 4.5.7.186-1.0.1645
Dell Inspiron 15 5584, Intel i5-8265U CPU, 8 GB RAM, 256 GB Toshiba KBG40ZNS256G NVMe SSD, Intel UHD Graphics 620

Edited by lmacri
Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.