You still need standard signature-based antivirus protection—those old viruses, Trojans, and other malicious programs aren't going away. But antivirus alone isn't sufficient to protect you against zero-day exploits. Zero-day means it's never been seen before, so there's no way a signature could exist. Malwarebytes Anti-Exploit Free, the free, feature-limited version of Malwarebytes Anti-Exploit Premium, protects against exploits and doesn't need any signatures. Read my review of the premium edition, everything in that review applies to the free edition as well, with a few exceptions that 'll summarize here.
Browser Protection
The free edition injects protection into Chrome, Firefox, Internet Explorer, and Opera, protecting both the browser and any add-ins. It also protects Java. For $24.95 per year, the premium edition extends protection to Microsoft Office applications as we as to popular PDF readers and media players.
In the premium edition, you can turn protective shields on and off for particular applications, and even create custom shields. The free edition's settings are fixed; it shields those five specific programs, no more and no less.
It Works!
Each exploit targets a very specific version of the victim application, and most won't work with a different version. That makes testing tough, because Malwarebytes won't trigger unless the exploit has potential to succeed. Malwarebytes commissioned a test by security blogger Kafeine, to demonstrate that the product works. Kafeine hit Malwarebytes with targeted variants of the 11 most common exploit kits. It blocked them all.
I wanted hands-on experience, so I enlisted help from analysis firm MRG-Effitas. The company's CTO supplied me with in-the-wild exploits captured using the Fiddler Web Debugger. I carefully configured a victim system with the correct program versions and launched the recorded attacks. Malwarebytes blocked them.
Kafeine also supplied me with a half-dozen real-world sites currently compromised by exploits, including one major retailer. A couple had already been fixed, but Malwarebytes blocked the rest.
Worthwhile Protection
Malwarebytes Anti-Exploit Free doesn't spend bandwidth on updates, and it takes up just 3MB on disk. It's a worthwhile addition to your collection of security tools. You won't even know it's there, unless it blocks an exploit. For those who are mainly worried about Web-based attacks, the browser protection it offers may be sufficient. If you're also concerned about targeted attacks, or attacks coming via documents and PDFs, considering springing for Malwarebytes Anti-Exploit Premium.
No comments:
Post a Comment