While we’re still riding high on Malwarebytes Anti-Exploit winning the V3 Security Innovation of the year award, we are also happy to announce the general availability of the new Malwarebytes Anti-Exploit 1.05.1.1014.
While with 0.10 beta we did a complete re-write of the underlying service architecture, this build is a complete re-write or refactor of the protection DLL. This refactoring greatly improves the overall stability and reduces most known conflicts with third-party applications as detailed in the Known Issues list.
In addition we’ve added a whole new protection layer. The new Layer0 called “Application Hardening” now includes protections such as DEP Enforcement, Anti-HeapSpraying and BottomUp ASLR Enforcement. The other protection layers have also been improved by including ROP protection and StackPivoting 64bit mitigations in Layer1, 64bit caller mitigations for Layer2 and new application behavior mitigations for Layer3. As an example of Layer3, we’ve added a mitigation for the much talked-about recent PowerPoint zero-day vulnerabilities CVE-2014-4114 and CVE-2014-6352. After some testing we saw that the mitigation suggested by Microsoft for EMET could cause system instabilities and conflicts with third-party applications. We have therefore designed a much more stable mitigation for these type of vulnerabilities.
This 1.05 version also introduces a 14-day trial mode. There are some other UI improvements that can be seen immediately, such as a re-designed shielded applications counter which counts unique instances of applications rather than total number of processes, traybar balloon messages when protection is stopped, or different UI designs depending on the build (Free vs Premium vs Corporate), among others.
Many things have also been improved, like the IPC communication between the service and the protection DLL, the 64-bit process communication and some improvements in the “other” custom shield protection profile among other things. Finally this build includes a bunch of bug fixes in all aspects of the product, from FPs, conflicts with third-party applications, UI bug fixes, counter fixes, and a DoS condition in the driver.
You may download and install Malwarebytes Anti-Exploit (MBAE) 1.05.1.1014 from the MBAE webpage: https://www.malwarebytes.org/antiexploit/
There is no need to uninstall the previous version. Simply install on top.
Pedro Bustamante
P.S. Here’s a photo of the V3 award at the ceremony:
