Malwarebytes Corporation recently acquired ZeroVulnerabilityLabs and rebranded its ExploitShield product, which protects browsers and applications against zero-day vulnerabilities on Windows, as Malwarebytes Anti-Exploit (MBAE). This lightweight tool is currently in beta and works alongside other antivirus and anti-malware products. Once installed, it doesn’t require any signature or definition updates. It currently offers exploit protection for the following applications:
Browsers: Internet Explorer, Firefox, Google Chrome and Opera.
Browser Plugins: Java, Flash, Shockwave, Acrobat and other plugins.
Other desktop applications: Microsoft Word, Microsoft Excel, Microsoft PowerPoint, Adobe Acrobat Reader, Adobe Acrobat Pro and Foxit Reader.
Exploit Test for Malwarebytes Anti-Exploit
Download and install MBAE and make sure it is running: its icon in the notification area and the mbae.exe process under the Processes tab in Task Manager confirm that. Now download the mbae-text.zip file, developed by Malwarebytes to help users confirm whether the Anti-Exploit tool is actually working on their computers. This file is not malicious, but it mimics malicious behavior. Extract its contents to a folder and run the executable.
It offers two buttons: Normal and Exploit. When you click ‘Normal’, the Windows Calculator program opens using normal system calls. When you click ‘Exploit’, Calculator opens using other system calls, using exploit techniques that load a payload, aka malware.
If MBAE is installed on your computer and working, then after you click Exploit it should catch the exploit, showing a popup with the message ‘Exploit Attempt Blocked, Anti-Exploit has blocked an exploit attempt’ and a ‘close’ button on the dialog (check the screenshot below).
If MBAE has done that on your computer, then it has passed the exploit test, and you can relax and concentrate on your work while Malwarebytes Anti-Exploit continues to protect supported applications against exploits by running silently in the background.