EMET or Malwarebytes Anti exploit?

Page 2 of 4 FirstFirst 1234 LastLast

  1. Posts : 353
    Multi-Boot W7_Pro_x64 W8.1_Pro_x64 W10_Pro_x64
       #11

    Kol12 said:
    My first source of information regarding the EMET vulnerability was from hardenwindows10forsecurity.com where he say's and I quote:

    "This guide used to recommend EMET 5.2 for other versions of Windows, but MS has pronounced that it is not compatible with Windows 10. EMET 5.5 has been released. However, the new version requires the Secondary Logon service active. And by having access to Secondary Logon service, attackers can use the runas command line tool to invoke administrative rights."
    Can you post a link, i'd like to read about that.
    I'm not a security expert, just a cautious user.
      My Computer


  2. Posts : 1,463
    Windows 10 Pro 22H2 64 bit
       #12

    DavidE,

    You can turn off the auto update in MBAE if that will help.

    EMET or Malwarebytes Anti exploit?-mbae-setings.jpg

    Jim
      My Computer


  3. Posts : 353
    Multi-Boot W7_Pro_x64 W8.1_Pro_x64 W10_Pro_x64
       #13

    The issue i see with that is if it is turned off, there is no notification of a program update available.
    I would like to get a prompt when a new program update is available, and control if/when it is updated.
      My Computer


  4. Posts : 824
    Win10/64 Pro 1511 (and 2 Win 7/64 Ult & Pro systems)
       #14

    DavidE said:
    Can you post a link, i'd like to read about that.
    I'm not a security expert, just a cautious user.
    Attackers can turn Microsoft exploit defense tool EMET against itself - Windows 10 Forums

    Just google "EMET vulnerability" and you'll see links to many articles at a range of reputable sites.
    Most date to the Feb 2016 disclosure/announcement by MS.
    This is more recent:
    Zero-day Windows vulnerability that can supposedly bypass EMET up for sale for $90,000


    MM
      My Computer


  5. Posts : 824
    Win10/64 Pro 1511 (and 2 Win 7/64 Ult & Pro systems)
       #15

    DavidE said:
    The issue i see with that is if it is turned off, there is no notification of a program update available.
    I will double-check on that, but I am pretty sure it does not work that way.

    I would like to get a prompt when a new program update is available, and control if/when it is updated.
    Disabling the auto-update setting will only disable exactly that: automatically installing the new program version when it is available to that system.
    If one disables that setting, one will still be NOTIFIED that a new program version is available.
    The user can then elect to upgrade or not.

    At least that's how MBAE Premium behaves on all 3 of my systems with that setting disabled.
    (Free should behave the same for this particular feature.)

    Thanks,
    MM
      My Computer


  6. Posts : 353
    Multi-Boot W7_Pro_x64 W8.1_Pro_x64 W10_Pro_x64
       #16

    So, for people i try to help
    Should i recommend don't use EMET, and tell them they have to pay x$ for MBAE yearly ?

    These are mostly senior citizens on fixed income, non-techies, and won't pay online, etc.
    The only thing i see MBAE free protects for them is a browser protection (maybe).
    I remove Adobe, Java, etc. for them.
    They may have MS Office, and often do.
    Their OS could be W7 to W10 (or Vista).
      My Computer


  7. Posts : 824
    Win10/64 Pro 1511 (and 2 Win 7/64 Ult & Pro systems)
       #17

    Hi:

    You can advise them however you see fit.

    For what it's worth, most exploits are delivered via browsers.
    Since MBAE Free shields most common browsers and Java, it is sufficient for most users.

    Users who wish to expand protection for other types of applications can purchase the Premium version.
    The rationale behind what is or is not shielded by default in MBAE Free is explained here.
    HMPA, the other, major, third-party anti-exploit application is also a paid program.

    It's always up to each computer user how to protect his/her system.
    I have no financial interest in any product.
    I merely pointed out the well-publicized vulnerability of EMET and tried to correct some misconceptions about MBAE.
    But if you prefer EMET over other similar applications for your computer or for friends, family and clients, then that's certainly 100% fine with me.

    >>NONE of these applications will protect 100% of computers from 100% of malware 100% of the time.
    >>For users who practice "unsafe hex", they will likely fall victim eventually to some adverse event, no matter what security programs are installed.
    >> The key is to educate one's customers on how to protect themselves with "best practices" for personal computing.

    I'm not interested in arguing with you, especially since the OP on this thread was satisfied with the information presented.
    Please do as you see fit.

    Cheers,
    MM
      My Computer


  8. Posts : 353
    Multi-Boot W7_Pro_x64 W8.1_Pro_x64 W10_Pro_x64
       #18

    Understood and thanks.
    I'm also not interested in arguing.
    Guess I know i can't support re-installing MBAE or MBAM remotely for others based on my own experience.
      My Computer


  9. Posts : 2,979
    Windows 11
    Thread Starter
       #19

    DavidE said:
    Can you post a link, i'd like to read about that.
    I'm not a security expert, just a cautious user.
    Harden Windows 10 - A Security Guide. How to secure Windows 10

    use find (ctrl+f) and type EMET
      My Computer


  10. Posts : 2,979
    Windows 11
    Thread Starter
       #20

    I would still like some insight into the Secondary Logon service/runas command line tool vulnerability in EMET and if it is enough to stop using EMET all together...
      My Computer


 

  Related Discussions
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 16:37.
Find Us




Windows 10 Forums