Malwarebytes Completes Acquisition of ZeroVulnerabilityLabs

http://www.zerovulnerabilitylabs.com/

press release scroll down a-little :slight_smile:
i’ll pass on the beta 8)

Just a tad late. http://forum.avast.com/index.php?topic=19387.3810 :wink:

Right, schmidthouse, just a tad late.Let us be glad that Dan has found that tool at last.
Let us hope he will give it a swing now, and be as satisfied as we are,

polonus

P.S. “MA-E” now with19 shields running for me at the moment I post this…
and Dan, it is a very late beta, safe to run it…

Damian

Yup! :wink: 8)

Tried yesterday, would not let me open IE 10, seems like a problem for some users, developers promise to fix.

If you had read the Malwarebytes forum you would have noticed it is a problem that has been reported many times :wink:
http://forums.malwarebytes.org/index.php?s=6b23963372e51b328771e9253a598b10&showforum=126

Actually I did, I was the first one to report it in the Wilders forum.

Not much point reporting it there, you need to report it to Malwarebytes and supply DDS logs for them to resolve the issue.

Actually did that too as developer frequents that forum and asked for mine and anyone else who was having this problem configurations.

Hi folks,

The tool comes loaded before the user interface.(OS)!
I haven’t experienced lately with that beta the issue of the icon disappearing
(exploit shield then was still running in the background as could be established via Task Manager).
Another issue the occasional google chrome browser crash was also experienced a few times.
The issue with IE10 seems to be fixed now → http://forums.malwarebytes.org/index.php?s=deec6e50954da5a0283c12c5c85335bb&showtopic=128129 #3

The loader has an entry point outside the code - double variables in function call - entry point at 000110B4,
and according to me that is at the culprit of these issues
(credits go to our forum member ,g3n h@ckm@n, for debugging this for us and finding this up for us).
Seems we are not yet ready for general beta testing then…

polonus

Here are some fixes: http://forums.malwarebytes.org/index.php?showtopic=128145 :wink:

Updated,

polonus

ExploitShield – Smart AntiExecutable http://www.insanitybit.com/2013/06/22/exploitshield-smart-antiexecutable/

I like Malwarebytes, and I find it to be the best antivirus. They’re a legit company, and maybe they’ll turn ExploitShield into something legitimate as well. But until then I don’t see its use, it just seems like extra attack surface.

If you want a real anti-exploit program, use EMET. It actually prevents exploits, or mitigations stage 1/2 payloads (as opposed to stage 3, which is the final executable) and prevents an attacker from ever getting shell access.

I added narration to a video I found on a symantec blog.
The download of the file was considered safe by MB anti-exploit.
The finished product which I titled “Android Fake Antivirus” was flagged and not allowed to run.
I needed to allow it as an exception. It wasn’t the file that wasn’t acceptable but apparently the title
wasn’t to MB anti-exploits liking. :o
I guess that’s why it’s still in beta. :slight_smile:

What the critique sums up to is that any script blocker - virtual machine combination is better than mb-a-e. That users rather should install emet 4.0 even with the known “issues”. I think it is a valuable added layer of security, 2004 coding or not. It alerted and stopped 8 attacks for me, while there were no other alerts going, whether this is on the attack level (could also be user induced) or preventing “initial” payload execution is a second discussion. My first notion also was to think of a fud tool with snake oil functionality. What kept me thinking of a clever outlay of the tool is with the three independant parts acting together, They never said that this tool was anything else than a payload (execution) blocker…if it is a dummy proof extra coming as an install and forrget, I am for it when it comes out of general beta phase, which it has not yet reached…

polonus

i trashed EMET 4.0 … random apps crashing, several BSODs (yay for injecting EMET into critical unrelated processes)
3.0 was relatively stable, 3.5 was relatively unstable, 4.0 is still unstable

Hi Dwarden,

Thank you very much for confirming what I stated about emet 4.0 with “the issues”. You specified them. I would not trust emet in the hands of the unadvised.
It would turn “emet” into “met”, the Hebrew word met meaning “death”, emet meaning “truth”…

polonus

Yes this program (MBAE) is still in its infancy(relatively speaking) no matter what it’s called. And I do agree with you Damian, it has always been billed as an Exploit (Payload Execution) blocker 8)

Thanks, schmidthouse,

“quod erat demonstrandum”

polonus

@Polonus do you global exclusion the Malwarebytes Anti-Exploit into Avast, because the Malwarebytes Anti-Exploit Shielded application count keeps on going back and forward…0 to 1 all the time is this because is conflicting with the Avast ‘BS’, ‘WS’ & ‘SS’ I just got a feeling that Malwarebytes Anti-Exploit doesn’t seem to play very well with Avast or maybe is my FF v22.0. And I’m fully aware Malwarebytes Anti-Exploit is only at beta stage :wink: