Page 1 of 1

Malwarebytes Anti-Exploit, SpywareBlaster and Iron

Posted: Thu Dec 31, 2015 2:30 pm
by bsol
In addition to Malwarebytes' outstanding Anti-Malware software (MBAM), Malwarebytes also offers a somewhat lesser known (but very powerful) protection that is called Malwarebytes Anti-Exploit (MBAE), which is particularly helpful in preventing sites from exploiting weaknesses in Chrome, IE, and Firefox. Both MBAM and MBAE are available in free versions.

Here is a link describing MBAE, including links to tests and a video showing how it works:
http://www.malwarebytes.org/antiexploit/

Because Iron is essentially running on the same core as Chrome, I believe Iron is vulnerable to the same online exploit kits that jeopardize the standard Chrome browser, but I don't see how to enable MBAE (or how to configure Iron) to provide this same protection for Iron.

There is a similar problem with regard to SpywareBlaster, a very lightweight but powerful software that provides excellent spyware protection for Chrome, but not Iron.

Iron's unique installation essentially means that it is unable to take advantage of these new security measures. As malware becomes increasingly sophisticated, and as anti-malware protections for browsers also become more sophisticated, it becomes increasingly important that Iron be designed in a way that enables it to utilize such protections.

The ironic situation now is that SRWare Iron -- which was conceived as a more secure browser option than Chrome -- is becoming LESS SECURE than Chrome, which can utilize protection such as SpywareBlaster and Malwarebytes Anti-Exploit.

Are the developers of Iron considering this? Is there anything users can do to enable Iron to utilize protection from SpywareBlaster and MBAE (or other similar security software)?

Re: Malwarebytes Anti-Exploit, SpywareBlaster and Iron

Posted: Thu Dec 31, 2015 9:40 pm
by lylejk
As memory serves me correctly, you cannot for the free version of Anti-Exploit. Don'e even believe the old way of spoofing Iron for Chrome by editing the ua.ini file worked. I've since un-installed Anti-Exploit and protect Iron using Privoxy and also plugins such as Chameleon (old version; current version only informs that a site uses super-cookies) and Privacy Badger. :)