As with any piece of software, the user experience begins with the download of the installer. The homepage for the application at https://www.malwarebytes.org/antiexploit/ has a very clear button for the download.
My download of the “mbae-setup-1.05.1.1016.exe” was nearly instant resulting in a whopping file less than 3MB’s in size.
Before I continue let me interrupt myself by saying that I have had previous experience with Malwarebytes products and was around during the transition to the newer anime–esque style they are using on the site. Don’t get me wrong, I like and have watched my share of anime! If this was my first time visiting the site or using their products however I would likely be somewhat dubious after seeing the homepage. Don’t let this fool you however, they take security and their products seriously.
I’ll be attempting to continue from the perspective of a first time user to the best of my ability though I have followed Malwarebytes Anti-Exploit since beta and been a happily paying customer since shortly after the official release. I used a freshly installed Windows 7 x64 Virtual Machine for the creation of this review.
The installation is quick and painless with absolutely no hidden toolbars or secondary software auto opt-ins we so often have to watch out for with new software.
It has a relatively standard install interface and only one real option which you may even want to keep an eye out for as shown below.
By default the option “Enable free trial of Malwarebytes Anti-Exploit Premium”
is checked. As you can see from the picture above I unchecked it for the purpose of reviewing the free features of the software first.
After the very quick installation is finished we are greeted by a small interface broken down into just a few tabs along the top.
The first tab, “General”, is straight forward enough including the basic options to “Close” its window or “Stop Protection”. It has an indicator reflecting the state of the program as “Running” or “Stopped” but also includes the revision number and helpful statistics such as how many applications are actively running under the protection of Malwarebytes Anti-Exploit (Shielded applications) along with how many exploit attempts the program has blocked.
The second tab, “Shields”, is perhaps the most potentially confusing part of the interface. After soaking it all in however I believe that very few people will have trouble with it. The bulk of the window is filled with only two columns. One which contains the Application Name/Title, the other has the file name of the application as it exists on the computers drive.
Aside from those two columns there are only four buttons near the top to worry about. However as the picture above shows, they are all grayed out! This is the only real limit of the free version: preventing customization of the protection.
You may also note starting around Adobe Acrobat that the locks are ‘unlocked’ meaning that even though it has predefined rules for those applications, those rules will not be enforced while using the ‘free’ version. As you will see later however the trial and premium/paid versions do not have this limit.
Being able to use the free version only for it’s protection on the most popular browsers and java is no small thing despite the longer list continuing with so many other unprotected applications. Unfortunately events have proven that even large, trusted sites, may not be up to the task of protecting their viewers from malicious ads that are being served through their site which make use of exploits. As such browsing the web will likely be the most common point any user will unknowingly face an exploit attempt.
That said, it would still be nice to see a few others on the list of enabled-by-default for the free version. Many OEM computers come pre loaded with Adobe Acrobat and some version of Microsoft Office. Windows Media Player has a bit of history with exploits and is installed by default with just about every version of any Windows Operating System.
Adding those to the default protection list might leave the unprotected applications of the free list fairly short but it would make it much more suitable for a huge user base to confidently make use of ’just’ the free version.
What other limits does the free version have? Well, none! In fact it was at this point I reset my virtual machine to a clean state and installed Malwarebytes Anti-Exploit again ensuring that the free trial was selected so that I could explore the rest of the application.
During the free trial, or if you purchase a premium license, all the default shields are enabled.
Originally only the “Add Shield” button is usable but by clicking on any application in the list some buttons will become enabled where they are relevant.
Starting with the “Add Shield” option we see the only window, that is in my opinion, likely to stump some users. There are those who don’t have the faintest idea what an exe is or how to find out the information required here. My own grandmother is one of these people and having a “drag n’ drop” feature here would likely allow her to use the program without much hassle.
Generally those same users will know the name of the application and be able to find the shortcut on the desktop or the start menu. Being able to drag and drop a shortcut onto the add shield window and have the program parse it for the exe name would solve this issue. The rest of us can easily find the information without difficultly and are only left with choosing an appropriate profile.
The application shown in the picture below (PaleMoon, an offshoot of Firefox) is a browser so choosing the profile was simple. Some applications may require a bit of thought and/or testing to find the correct choice.
If in doubt – do not fear! There is a forum where you may ask for input or help.
After pressing OK on the Add Shield screen we will see a new “user” shield highlighted in blue
The hardest part is done! Clicking on the newly created rule in the list will enable some of the other options.
Activate or Deactivate simply turns the selected shield on or off. This is reflected by the state of the lock icon. Having already covered the “Add Shield” option leaves us with “Remove Shield”. If you made a mistake in the creation of the rule or no longer want an application to be guarded you can select the rule and click on Remove Shield to delete it. You may also disable any of the pre-made rules if you desire but cannot remove them. Strangely enough there is no ‘edit’ button or any way to view the profile that an application is currently using. Both of these seem logical additions for this section but are currently absent.
Now that we have covered the most complex aspect of the application it is time to move on to the other tabs. The rest are pretty self explanatory and well designed.
The Logs tab holds a record that reports information which some users like myself appreciate seeing.
While Anti-Exploit is designed to prevent exploits from running it doesn’t stop there. The logs reflect some of the additional steps taken to re-enforce (or harden) the protected applications. Unlike some tools, as a standard user with Malwarebytes Anti-Exploit, you don’t need to understand what DEP, ASLR, or Anti-HeapSpraying are. You can rest easy knowing that it is doing some heavy lifting behind the scenes to help keep you safe.
If you’re like me you don’t keep any exploit samples so in order to see Malwarebytes Anti-Exploit in action you can downloaded a safe test file like I did : https://forums.malwarebytes.org/index.php?showtopic=139368
Upon clicking the “Exploit” button you will almost immediately see an alert.
Along with a matching line in the Logs. ¡ “An exploit code has been blocked”
They also have an “exclude” button here for instances where an application may be incorrectly blocked. This let’s a user troubleshoot a bit but could be dangerous to use. Their own help file has this to say on the subject:
Warning: If you are not certain that a file is safe, please do not assume that it is. Your computer could become infected if you guessed wrong!
I have not yet encountered an event that required me to make use of this feature but it is a nice touch to have on hand as an option. If I did encounter something I thought was a false positive I would most likely report it on the forum and let the experts decide.
The exclusions window is fairly easy to grasp.
While the pictures list is empty it has only three columns of information that would be displayed and one button with which to “Remove” an exclusion from the list.
This brings us to the final tab, the About screen. Similar to the General tab it provides some basic information such as the state of the program along with the License type and a few helpful links.
Being slightly critical once again, it is my opinion that the large status sections of the ‘General’ and ‘About’ screens could be reduced in size and the About screen information added to the General tab. Yet at the same time ~ it doesn’t really bother me.
Now that I have covered most aspects of the application from a users perspective we are left with the end of the trial.
Upon reaching the 14 day trial expiration a user will not be left completely defenseless but instead the program will revert to using the ‘Free’ version limitations described earlier in the review. As I stated before, even though the free version may be lacking in ‘sheer numbers’ of active pre-defined rules, it is no slouch as it offers protection for the most used and “most-targeted” applications. Eg browsers along with java!
Summary and final thoughts:
While I would love to be able to delve into the more involved aspects concerning its protection I do not feel I am qualified to do so. There are however qualified sources that have already preformed tests in the past such as:
I had no trouble learning or interacting with the interface and believe that they have done a superb job of making it user friendly. While I have noted some areas I personally feel it could be improved upon there is nothing that makes it ‘less useful’ or ‘overly difficult’ to handle in the current state. The interface seems to be geared toward “easy use” for all and by implementing a few improvements (even if they aren’t the same as the ideas listed above) in certain areas this would likely be the result.
A huge plus for me is that there are no online registration or forms to fill out in order to start the trial. That means no email address required in order to download or potential spam following in its wake!
The program size, memory consumption, and cpu usage for the application and its services is extremely low and has virtually no impact on my system. (As in I can see NO difference.) It doesn’t require signature updates or cloud scanning! Once a shield is set- it does its work, silently protecting in the background, and only bothers you if it has encountered and protected you from a potential exploit attempt.
One of the best parts has less to do with the application itself and more to do with the people behind it. I’ve had interactions with some of the staff on the forums and not only are they polite, they seem genuinely interested in helping, protecting users, and improving their product. Some applications I’ve followed starting in the beta stages virtually stop everything but bug fixes once they reach the release point. Not so with the folks behind Malwarebytes Anti-Exploit!
In fact, instead of trying to sweep issues under the rug like some vendors might they even have a hall of fame for people who have found flaws:
I personally find this amazing and commendable!
Just like an Anti-Virus, a dedicated Anti-Exploit software is an important layer of protection to have in todays online environment. Malwarebytes Anti-Exploit is not only effective but it is an easy-to-use solution with only a few small areas where I believe it could show improvement in the graphical interface before I would trust that my own grandmother could use it competently!
I already use Malwarebytes Anti-Exploit Premium on my live systems and have previously suggested it to family and friends (and will continue to do so). If you are lucky it will never have to do the job of stopping an exploit. Still, even if you only use the free version for browser protection.
Filed Under: Giveaways and contests