Windows 10: EMET or Malwarebytes Anti exploit?

Page 3 of 4 FirstFirst 1234 LastLast

  1. Posts : 353
    Multi-Boot W7_Pro_x64 W8.1_Pro_x64 W10_Pro_x64
       21 Sep 2016 #21

    I'd like more explanation on this quote from the link:
    One of the core design goals of the guides's hardening approach is to deny attacks even if the attacker knows your admin password. This could be result of shoulder surfing - simply noting your password as you type it by looking over your shoulder. Or it can be that a keylogger has been installed on your system.
    what does this really mean ?

    let's ignore the looking over the shoulder idea, that's, well, i won't comment.

    how did the attacker get an admin pw if the user logs in with a standard account ?
    if you already have a key logger installed, aren't you already in serious trouble, no matter what ?
    does MBAE or EMET protect against keyloggers ?
      My ComputerSystem Spec


  2. Posts : 269
    Windows 10 64 bit, 1607
    Thread Starter
       22 Sep 2016 #22

    DavidE said: View Post
    I'd like more explanation on this quote from the link:


    what does this really mean ?

    let's ignore the looking over the shoulder idea, that's, well, i won't comment.

    how did the attacker get an admin pw if the user logs in with a standard account ?
    if you already have a key logger installed, aren't you already in serious trouble, no matter what ?
    does MBAE or EMET protect against keyloggers ?
    Maybe a keylogger can get into your system on a standard account and log the admin password if it's entered? Does really make much sense to me either.

    Does MBAE or EMET protect against keyloggers? I'll have to let someone else answer that...

    I've noticed that no one has replied to my thread "Is a standard user account really necessary for extra security" What are your guys opinions? Is it an overkill for the home user or just an extra security measure that can be taken?
      My ComputerSystem Spec


  3. Posts : 824
    Win10/64 Pro 1511 (and 2 Win 7/64 Ult & Pro systems)
       22 Sep 2016 #23

    Hi:

    Does MBAE or EMET protect against keyloggers? I'll have to let someone else answer that...
    I do not know about EMET.

    MBAE does not protect against keyloggers, but MBAM does-- at least illegal ones (there are certain legal keyloggers used for legitimate purposes, e.g. in an Enterprise environment).
    Your AV may also protect against some of them.

    Unlike MBAM and your AV, MBAE does not protect against the "what" of malware.
    It protects against the "how" of malware.
    It is a pre-infection, preventative protection mechanism.
    There are a number of informative pinned topics and webinars/videos on the internet that explain further.

    >>As an aside: to work properly (as with most security software), MBAE (and MBAM) need to be installed and configured from a Windows Admin account.

    Cheers,
    MM
      My ComputerSystem Spec


  4. Posts : 824
    Win10/64 Pro 1511 (and 2 Win 7/64 Ult & Pro systems)
       22 Sep 2016 #24

    Hi:

    I apologize for back-to-back posts, but I have received confirmation from the VP of Technology (and former Senior Technical Product Manager for MBAE), Pedro Bustamante.

    So, for the OP, for @DavidE and for anyone else who might read this thread....

    1) Yes, if "auto upgrade" is disabled, the user will be shown a dialogbox that says "new version available, do you want to install [ok/cancel]" when a new version is available.
    That confirms the behavior I reported earlier.

    2) This applies to all Premium, Free and Trial.
    Ditto.

    3) Yes, MBAE needs to be installed from an Admin account as it needs to install a Windows Service. Once installed, to make any changes to the configuration, it also needs to be done from an admin account.
    Ditto. So, if the program was installed under a limited/standard user account, it should be cleanly removed and reinstalled from an Admin account in order for the program to perform correctly. I would be happy to provide tips/best practices for such a clean reinstall, if needed.

    Thank you again,

    MM
      My ComputerSystem Spec


  5. Posts : 353
    Multi-Boot W7_Pro_x64 W8.1_Pro_x64 W10_Pro_x64
       22 Sep 2016 #25

    Thanks for that info.
    I unchecked Automatically upgrade to new versions
    I'll see if that change makes any difference the next time a new version is available.

    The problem for me is there is no way for me to manually Check for new versions and run the update when i want to.
    The Auto check only happens once per day, so i can't control when the update is offered and i can choose to update.

    I normally log in with a Standard account, and that's when i get notified of a new version.
    If i log off and log back in as an Admin, i don't get the new update message for a day or so, and i can't manually check and update to the new version.

    I don't want to be logged in as an Admin for a day waiting for the message/option to update MBAE is re-offered.
    I don't want to update the program when i am logged is with a Standard account.

    Most programs i use have a "Check for updates" option.
    I don't see this option in MBAE (free).

    I don't think this affects most users, they probably normally log in with an Admin account.
    They can do the program update when it is offered if they want to.
    I consider my situation a one-off personal problem because of the way i use Windows, with a Standard account.
      My ComputerSystem Spec


  6. Posts : 269
    Windows 10 64 bit, 1607
    Thread Starter
       23 Sep 2016 #26

    Well I still don't have an answer to whether I should do away with EMET due to the secondary logon vulnerability. Anyone?
      My ComputerSystem Spec

  7.    23 Sep 2016 #27

    Kol12 said: View Post
    Well I still don't have an answer to whether I should do away with EMET due to the secondary logon vulnerability. Anyone?
    I would Suggest to stay away from EMET I have had some problems with is as far as configuring it

    if you are still looking for advice i would recommend this

    https://www.abelssoft.de/en/windows/...AntiBrowserSpy free

    and

    https://www.malwarebytes.com/antiexploit/ free but better is paid verstion Both togather work fine

    good luck
      My ComputerSystem Spec


  8. Posts : 824
    Win10/64 Pro 1511 (and 2 Win 7/64 Ult & Pro systems)
       23 Sep 2016 #28

    Hi, @DavidE:

    A "check for updates" button has been an RFF by one or two users for future program versions. I do not know if or when it will be implemented. However, the best place to reiterate such a request would be at the MBAE Forum (Questions/Comments) section. That way, your request will be seen by the developers.

    Having said that, MBAE does not use definitions or databases. So, the only updates are PROGRAM updates. Those occur only a few times a year. There's really no need to perform manual, frequent update checks. As previously explained, the ~once day automatic and silent update check is more than sufficient. You will be notified when/if a new program version is available. If you have auto-updates disabled and choose not to update at that time, you will be notified again ~a day (or a system cold start) later. Other strategies include checking the MBAE forum from time to time -- new beta and release builds, with changelogs, are posted there. There is a dedicated forum pinned topic devoted solely to MBAE updates. And one can always manually download the latest release build from the MBAE product page. Unless it's announced otherwise by the developers, new builds may be installed on top of one's existing installation. But, again, new program updates are released only a handful of times a year.

    And, to respectfully reiterate the information here, it's critically important that MBAE be installed and configured from an Admin account. This includes any configuration changes. Once installed and configured from that Admin account, it will run pretty much silently, with no user interaction needed by any user. There should be no need for a standard/limited user to interact with or change anything in the program. Attempts to do so may cause performance or stability problems, as such accounts do not have access to the system files needed for the program's operation.

    Thank you again,

    MM
      My ComputerSystem Spec


  9. Posts : 353
    Multi-Boot W7_Pro_x64 W8.1_Pro_x64 W10_Pro_x64
       23 Sep 2016 #29

    @MoxieMomma
    Thank-you.
      My ComputerSystem Spec

  10.    23 Sep 2016 #30

    DavidE said: View Post
    The auto-update program updates are the problem.
    For me for, in the free version, i don't see a choice to be notified of a new update and have any control.
    If I'm logged in as a Limited account, MBAE wants to update the program.
    I can't/won't do that without doing a system image backup first, and logging in as an Admin before updating ANY Security program.
    I think i tried updating the program logged in as Limited a long time ago, and that never worked
    Well, when i decline the "update now" for the MBAE program update, it takes at least a day to get offered the update again.
    And by then I'm logged in as a Limiter User again, I'm not going to stay logged in as an Admin, just for an MBAE update.
    Yea, I've downloaded the latest MBAE version for a pgm update as admin, and using that is another experience
    Automatic upgrade can be turned off.
    Click image for larger version. 

Name:	MBAE.JPG 
Views:	13 
Size:	45.9 KB 
ID:	102815
      My ComputerSystem Spec


 
Page 3 of 4 FirstFirst 1234 LastLast

Related Threads
Solved Latest Version Malwarebytes Anti Exploit in AntiVirus, Firewalls and System Security
89528 Malwarebytes Anti Exploit Stand Alone Beta Latest beta version 1.09.1.1410 / 12 May 2017 Download page*** Changelog: Fix for a False positive with WMI protection Fix for an ASLR block with MS Office due to a conflict with...
Read more: Attackers can turn Microsoft's exploit defense tool EMET against itself | PCWorld
Read more: Microsoft: Windows 10, Edge so secure they don't need our EMET anti zero-day shield | ZDNet See also: Enhanced Mitigation Experience Toolkit (EMET) for Windows 10 - Windows 10 Forums
Solved Malwarebytes Anti -Exploit in AntiVirus, Firewalls and System Security
At the moment I'm using Bitdefender anti virus and Malwarebytes anti malware. Would it be advantageous to install the above program. I'm not sure I fully understand what this program is trying to do. I have read the description on their web site...
Source: Use an Anti-Exploit Program to Help Protect Your PC From Zero-Day Attacks For more information and download links, go to this thread: Latest Version Malwarebytes Anti Exploit
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd
All times are GMT -5. The time now is 20:52.
Find Us