• Added new protection techniques for "Operating System Security Bypass Protection" Layer
• Added new protection techniques for "Application Behavior Protection" Layer
• Added ability to enable or disable pre-determined shields
• Added ability to manage (add/delete) custom shields
• Added visual distinction in traybar icon between started and stopped
• Added visual distinction between pre-determined, custom and CLI shields
• Added automatic upgrades to newer versions
• Added distintion between Free and Premium based on license key
• Free version protects browsers, browser add-ons and Java
• Premium version includes all shields and custom shields management
• Improved application termination when an exploit is blocked
• Improved optimizations results in reduced size of MBAE.EXE by 3.5 times
• Changed MBAE logs directory to %AllUsersProfile%\Malwarebytes Anti-Exploit
• Updated end user license agreement
• Fixed bug with GUI flashing for a second before minimizing to traybar
• Fixed bug with certain API hooks
• Fixed bug with unshielding right after installation
• Fixed false positive when playing DVDs in Windows Media Player

We are happy to announce the availability of Malwarebytes Anti-Exploit, version 1.04.1.1012!

This version includes a whole new set of exploit detection and blocking techniques, specifically for Layer1 to prevent exploit shellcode and for advanced Java exploit payloads. In addition it improves usability with Desktop-based Java applications and some other usability improvements. The changelog is as follows:

Added various new layer 1 and layer 2 detection techniques
Improved various aspects of installation and automatic upgrades
Improved UI to make it easier to activate Premium
Improved threat information telemetry
Improved Java shield to prevent slowdowns and FPs in desktop-based applications
Fixed FP with Excel addon
Fixed bug executing Desktop shortcut after install
Updated hooking framework

Changes in Malwarebytes Anti-Exploit 1.05.3.1012 Beta:
– Engine (DLL) code re-write to improve stability and compatibility
– Added mitigations DEP Enformcement, Anti-HeapSpraying and BottomUp ASLR
– Added new Layer0 “Application Hardening” protections
– Added Layer1 new generic ROP protection mitigations
– Added Layer1 new StackPivoting 64bit protection mitigation
– Added Layer2 new caller mitigations for 64bits
– Added Layer3 new application behavior mitigations
– Added trial mode to allow for testing of Premium version
– Added Quarantine of blocked payloads from Layer3 detections
– Added filename details for default and custom shields
– Added graphic user interface bitmaps
– Added new “Protection stopped” traybar balloon
– Added new counter which counts apps instead of processes
– Improved IPC communication between Service and protection DLL
– Improved management of 64bit processes by keeping mbae64.exe running
– Improved “other” custom shield profile to reduce potential FPs
– Improved Foxit Reader default shield to shield the latest version
– Improved exploit threat telemetry and logging
– Fixed false positive when opening Word or Excel under certain conditions
– Fixed false positive when installing and running Silverlight for the first time
– Fixed injection driver to resolve conflicts with third-party applications
– Fixed multi-select and edit options in Shields and Exclusions tab
– Fixed traybar icon right-click bug under Windows 8.1
– Fixed UI closing when right-clicking on traybar icon
– Fixed bug when double-clicking the traybar icon with UI open
– Fixed issues with shielded apps counter with Chrome and Java
– Fixed bug when uninjecting under certain conditions
– Fixed remaining issues which caused Java FPs under certain conditions
– Fixed DoS condition in the MBAE driver

Malwarebytes Anti-Exploit 1.05.1.1015

New Features:
• Engine (DLL) code re-write to improve stability and compatibility.
• Added mitigations DEP Enformcement, Anti-HeapSpraying and BottomUp ASLR.
• Added new Layer0 "Application Hardening" protections.
• Added Layer1 new generic ROP protection mitigations.
• Added Layer1 new StackPivoting 64bit protection mitigation.
• Added Layer1 new StackExec 64bit protection mitigation.
• Added Layer2 new caller mitigations for 64bits.
• Added Layer3 new application behavior mitigations.
• Added trial mode to allow for testing of Premium version.
• Added Quarantine of blocked payloads from Layer3 detections.
• Added filename details for default and custom shields.
• Added graphic user interface bitmaps.
• Added new "Protection stopped" traybar balloon.
• Added new counter which counts apps instead of processes.

Improvements:
• Improved IPC communication between Service and protection DLL.
• Improved management of 64bit processes by keeping mbae64.exe running.
• Improved "other" custom shield profile to reduce potential FPs.
• Improved Foxit Reader default shield to shield the latest version.
• Improved exploit threat telemetry and logging.

Fixes:
• Fixed false positive when opening Word or Excel under certain conditions.
• Fixed false positive when installing and running Silverlight for the first time.
• Fixed injection driver to resolve conflicts with third-party applications.
• Fixed multi-select and edit options in Shields and Exclusions tab.
• Fixed traybar icon right-click bug under Windows 8.1.
• Fixed UI closing when right-clicking on traybar icon.
• Fixed bug when double-clicking the traybar icon with UI open.
• Fixed issues with shielded apps counter with Chrome and Java.
• Fixed bug when uninjecting under certain conditions.
• Fixed remaining issues which caused Java FPs under certain conditions.
• Fixed DoS condition in the MBAE driver.
• Fixed memory leak under Windows 8.

Changes in Malwarebytes Anti-Exploit 1.05.1.1016:
• Engine (DLL) code re-write to improve stability and compatibility.
• Added mitigations DEP Enformcement, Anti-HeapSpraying and BottomUp ASLR.
• Added new Layer0 “Application Hardening” protections.
• Added Layer1 new generic ROP protection mitigations.
• Added Layer1 new StackPivoting 64bit protection mitigation.
• Added Layer2 new caller mitigations for 64bits.
• Added Layer3 new application behavior mitigations.
• Added trial mode to allow for testing of Premium version.
• Added Quarantine of blocked payloads from Layer3 detections.
• Added filename details for default and custom shields.
• Added graphic user interface bitmaps.
• Added new “Protection stopped” traybar balloon.
• Added new counter which counts apps instead of processes.
• Improved IPC communication between Service and protection DLL.
• Improved management of 64bit processes by keeping mbae64.exe running.
• Improved “other” custom shield profile to reduce potential FPs.
• Improved Foxit Reader default shield to shield the latest version.
• Improved exploit threat telemetry and logging.
• Fixed false positive when opening Word or Excel under certain conditions.
• Fixed false positive when installing and running Silverlight for the first time.
• Fixed injection driver to resolve conflicts with third-party applications.
• Fixed multi-select and edit options in Shields and Exclusions tab.
• Fixed traybar icon right-click bug under Windows 8.1.
• Fixed UI closing when right-clicking on traybar icon.
• Fixed bug when double-clicking the traybar icon with UI open.
• Fixed issues with shielded apps counter with Chrome and Java.
• Fixed bug when uninjecting under certain conditions.
• Fixed remaining issues which caused Java FPs under certain conditions.
• Fixed DoS condition in the MBAE driver.
• Fixed memory leak under Windows 8.

Changes in Malwarebytes Anti-Exploit 1.06.1.1010 RC1:
– Added new Layer3 mitigations for IE, Java and Office
– Added default protection for more popular browsers
– Added Chromium-based browser application family
– Added new alert window with exploit details
– Added protection traybar tooltip notification
– Added advanced configuration of mitigations per family
– Added configuration for general settings
– Added browse button when adding custom shields
– Added new mechanism to reduce known false positives
– Added anonymous submission of blocked exploits
– Added confirmation window for file-format exploit submissions
– Added Premium notifications in Free/Trial builds
– Added support for Windows 10
– Improved upgrade process to maintain existing custom shields
– Improved visibility in GUI of Management Console exclusions
– Improved error and crash reporting
– Improved missing GUI notification for guest user accounts
– Improved managed installation to avoid Start Menu folder creation
– Fixed false positive with Word or Excel under certain conditions
– Fixed false positive with LoadLibrary exploit mitigation
– Fixed false positive with web-based Java applications
– Fixed bug with timestamp conversions
– Fixed bug which could cause protection to stop during startup
– Fixed bug whereby LUA could start/stop protection

Malwarebytes Anti-Exploit 1.06.1.1019

New Features:
• Added new Layer3 mitigations for IE, Java and Office.
• Added default protection for more popular browsers.
• Added Chromium-based browser application family.
• Added new alert window with exploit details.
• Added protection traybar tooltip notification.
• Added advanced configuration of mitigations per family.
• Added configuration for general settings.
• Added browse button when adding custom shields.
• Added new mechanism to reduce known false positives.
• Added anonymous submission of blocked exploits.
• Added confirmation window for file-format exploit submissions.
• Added Premium notifications in Free/Trial builds.
• Added support for Windows 10.

Improvements:
• Improved upgrade process to maintain existing custom shields.
• Improved visibility in GUI of Management Console exclusions.
• Improved error and crash reporting.
• Improved missing GUI notification for guest user accounts.
• Improved managed installation to avoid Start Menu folder creation.
• Improved settings tab by removing the need for Apply button.

Fixes:
• Fixed false positive with Word or Excel under certain conditions.
• Fixed false positive with LoadLibrary exploit mitigation.
• Fixed false positive with web-based Java applications.
• Fixed bug with timestamp conversions.
• Fixed bug which could cause protection to stop during startup.
• Fixed bug whereby LUA could start/stop protection.
• Fixed bug when trying to activate invalid license.
• Fixed user interface bug in settings tab.

Changelog>>

New Features:
• Added new Layer1 exploit mitigations for ROP detection
• Added new Layer1 exploit mitigations for IE VB scripting
• Added new Layer3 exploit mitigations for Powershell abuse
• Added telemetry from Firefox & Chrome
• Added ability to edit custom shields
• Added ability to log protection events to UI
• Added ability to auto-upgrade corporate builds
• Added support for Windows 10
• Added blacklisting of pirated and fraudulent license keys

Improvements:
• Improved Java shield in corporate environments
• Improved exploit telemetry
• Removed duplicate default shields for portable browsers

Fixes:
• Fixed issue when printing to Adobe PDF
• Fixed issue with Speedbit Download Accelerator
• Fixed issue with plugins from PowerDVD and GAS Tecnologia
• Fixed issue with certain exclusions not respected
• Fixed issue with Knowledge Coach Office Add-In
• Fixed issue with false positive from IE
• Fixed issue with Foxit Reader startup
• Fixed issue with Excel PowerQuery
• Fixed issue with Excel DEP Enforcement

New Features
Added new Layer1 exploit mitigations for ROP detection
Added new Layer1 exploit mitigations for IE VB scripting
Added new Layer3 exploit mitigations for Powershell abuse
Added telemetry from Firefox & Chrome
Added ability to edit custom shields
Added ability to log protection events to UI
Added ability to auto-upgrade corporate builds
Added support for Windows 10
Added blacklisting of pirated and fraudulent license keys

Improvements
Improved Java shield in corporate environments
Improved exploit telemetry
Removed duplicate default shields for portable browsers

Fixes
Fixed issue when printing to Adobe PDF
Fixed issue with Speedbit Download Accelerator
Fixed issue with plugins from PowerDVD and GAS Tecnologia
Fixed issue with certain exclusions not respected
Fixed issue with Knowledge Coach Office Add-In
Fixed issue with false positive from IE
Fixed issue with Foxit Reader startup
Fixed issue with Excel PowerQuery
Fixed issue with Excel DEP Enforcement