Windows 10: EMET or Malwarebytes Anti exploit?

Page 2 of 4 FirstFirst 1234 LastLast

  1. Posts : 353
    Multi-Boot W7_Pro_x64 W8.1_Pro_x64 W10_Pro_x64
       21 Sep 2016 #11

    Kol12 said: View Post
    My first source of information regarding the EMET vulnerability was from hardenwindows10forsecurity.com where he say's and I quote:

    "This guide used to recommend EMET 5.2 for other versions of Windows, but MS has pronounced that it is not compatible with Windows 10. EMET 5.5 has been released. However, the new version requires the Secondary Logon service active. And by having access to Secondary Logon service, attackers can use the runas command line tool to invoke administrative rights."
    Can you post a link, i'd like to read about that.
    I'm not a security expert, just a cautious user.
      My ComputerSystem Spec


  2. Posts : 639
    Windows 10 1703 Pro 64
       21 Sep 2016 #12

    DavidE,

    You can turn off the auto update in MBAE if that will help.

    Click image for larger version. 

Name:	MBAE Setings.JPG 
Views:	29 
Size:	56.5 KB 
ID:	102528

    Jim
      My ComputerSystem Spec


  3. Posts : 353
    Multi-Boot W7_Pro_x64 W8.1_Pro_x64 W10_Pro_x64
       21 Sep 2016 #13

    The issue i see with that is if it is turned off, there is no notification of a program update available.
    I would like to get a prompt when a new program update is available, and control if/when it is updated.
      My ComputerSystem Spec


  4. Posts : 824
    Win10/64 Pro 1511 (and 2 Win 7/64 Ult & Pro systems)
       21 Sep 2016 #14

    DavidE said: View Post
    Can you post a link, i'd like to read about that.
    I'm not a security expert, just a cautious user.
    Attackers can turn Microsoft exploit defense tool EMET against itself - Windows 10 Forums

    Just google "EMET vulnerability" and you'll see links to many articles at a range of reputable sites.
    Most date to the Feb 2016 disclosure/announcement by MS.
    This is more recent:
    Zero-day Windows vulnerability that can supposedly bypass EMET up for sale for $90,000


    MM
      My ComputerSystem Spec


  5. Posts : 824
    Win10/64 Pro 1511 (and 2 Win 7/64 Ult & Pro systems)
       21 Sep 2016 #15

    DavidE said: View Post
    The issue i see with that is if it is turned off, there is no notification of a program update available.
    I will double-check on that, but I am pretty sure it does not work that way.

    I would like to get a prompt when a new program update is available, and control if/when it is updated.
    Disabling the auto-update setting will only disable exactly that: automatically installing the new program version when it is available to that system.
    If one disables that setting, one will still be NOTIFIED that a new program version is available.
    The user can then elect to upgrade or not.

    At least that's how MBAE Premium behaves on all 3 of my systems with that setting disabled.
    (Free should behave the same for this particular feature.)

    Thanks,
    MM
      My ComputerSystem Spec


  6. Posts : 353
    Multi-Boot W7_Pro_x64 W8.1_Pro_x64 W10_Pro_x64
       21 Sep 2016 #16

    So, for people i try to help
    Should i recommend don't use EMET, and tell them they have to pay x$ for MBAE yearly ?

    These are mostly senior citizens on fixed income, non-techies, and won't pay online, etc.
    The only thing i see MBAE free protects for them is a browser protection (maybe).
    I remove Adobe, Java, etc. for them.
    They may have MS Office, and often do.
    Their OS could be W7 to W10 (or Vista).
      My ComputerSystem Spec


  7. Posts : 824
    Win10/64 Pro 1511 (and 2 Win 7/64 Ult & Pro systems)
       21 Sep 2016 #17

    Hi:

    You can advise them however you see fit.

    For what it's worth, most exploits are delivered via browsers.
    Since MBAE Free shields most common browsers and Java, it is sufficient for most users.

    Users who wish to expand protection for other types of applications can purchase the Premium version.
    The rationale behind what is or is not shielded by default in MBAE Free is explained here.
    HMPA, the other, major, third-party anti-exploit application is also a paid program.

    It's always up to each computer user how to protect his/her system.
    I have no financial interest in any product.
    I merely pointed out the well-publicized vulnerability of EMET and tried to correct some misconceptions about MBAE.
    But if you prefer EMET over other similar applications for your computer or for friends, family and clients, then that's certainly 100% fine with me.

    >>NONE of these applications will protect 100% of computers from 100% of malware 100% of the time.
    >>For users who practice "unsafe hex", they will likely fall victim eventually to some adverse event, no matter what security programs are installed.
    >> The key is to educate one's customers on how to protect themselves with "best practices" for personal computing.

    I'm not interested in arguing with you, especially since the OP on this thread was satisfied with the information presented.
    Please do as you see fit.

    Cheers,
    MM
      My ComputerSystem Spec


  8. Posts : 353
    Multi-Boot W7_Pro_x64 W8.1_Pro_x64 W10_Pro_x64
       21 Sep 2016 #18

    Understood and thanks.
    I'm also not interested in arguing.
    Guess I know i can't support re-installing MBAE or MBAM remotely for others based on my own experience.
      My ComputerSystem Spec


  9. Posts : 273
    Windows 10 64 bit, 1607
    Thread Starter
       21 Sep 2016 #19

    DavidE said: View Post
    Can you post a link, i'd like to read about that.
    I'm not a security expert, just a cautious user.
    Harden Windows 10 - A Security Guide. How to secure Windows 10

    use find (ctrl+f) and type EMET
      My ComputerSystem Spec


  10. Posts : 273
    Windows 10 64 bit, 1607
    Thread Starter
       21 Sep 2016 #20

    I would still like some insight into the Secondary Logon service/runas command line tool vulnerability in EMET and if it is enough to stop using EMET all together...
      My ComputerSystem Spec


 
Page 2 of 4 FirstFirst 1234 LastLast

Related Threads
Solved Latest Version Malwarebytes Anti Exploit in AntiVirus, Firewalls and System Security
89528 Malwarebytes Anti Exploit Stand Alone Beta Latest beta version 1.09.1.1410 / 12 May 2017 Download page*** Changelog: Fix for a False positive with WMI protection Fix for an ASLR block with MS Office due to a conflict with...
Read more: Attackers can turn Microsoft's exploit defense tool EMET against itself | PCWorld
Read more: Microsoft: Windows 10, Edge so secure they don't need our EMET anti zero-day shield | ZDNet See also: Enhanced Mitigation Experience Toolkit (EMET) for Windows 10 - Windows 10 Forums
Solved Malwarebytes Anti -Exploit in AntiVirus, Firewalls and System Security
At the moment I'm using Bitdefender anti virus and Malwarebytes anti malware. Would it be advantageous to install the above program. I'm not sure I fully understand what this program is trying to do. I have read the description on their web site...
Source: Use an Anti-Exploit Program to Help Protect Your PC From Zero-Day Attacks For more information and download links, go to this thread: Latest Version Malwarebytes Anti Exploit
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd
All times are GMT -5. The time now is 04:18.
Find Us