Did you know that the majority of new malware is delivered via the web through a process known as a drive-by download attack?

The scenario is quite simple: you browse to a website and malicious code is downloaded to your computer automatically without your knowledge or approval.

Contrary to some beliefs, you do not need to browse to shady websites for this to happen. In fact, all websites are a potential source of infection either because they can get compromised or because they host a malicious advertisement.

driveby

Figure 1: Drive-by download scenario

This phenomenon takes advantage of software vulnerabilities that exist in browsers (Internet Explorer, Firefox, etc.)  as well as their plugins (Flash Player, Silverlight, Java, Reader, etc.).

There is no such thing as a “safe” site anymore

That is why it is crucial to keep your computer up-to-date and also get rid of programs you rarely use to reduce the potential attack surface.

But even so, there are times when even the most patched machines are still vulnerable. This happened on three occasions in January with three Adobe Flash Player zero-days.

A zero-day exploit means that there is no patch available from the vendor that could protect you. We documented such cases on this blog and described how popular websites were redirecting their visitors to exploit kits.

Fortunately, we, the good guys, are fighting malware and exploits every day to keep you safe. More specifically, our Anti-Exploit product is designed to stop web-borne or file-borne exploits before they unleash their malicious payload.

Today, we are proud to announce that a new version of Malwarebytes Anti-Exploit is now available for download.

On top of the usual bug fixes, this version brings out support for more applications, new protection techniques and a brand new alert window, just to name a few.

Here are some highlights from this latest release:

This slideshow requires JavaScript.

Advanced settings, for more granular control:

This slideshow requires JavaScript.

The alert window also had a makeover with additional details whenever an exploit is blocked:

MBAE_popup

Anti-Exploit protection is about being proactive and not giving the bad guys a single chance to compromise your system. Some pieces of malware can be cleaned up more or less easily but other types like ransomware can’t.

Anti-Exploit is the perfect complement to Malwarebytes Anti-Malware for a defense in depth in a world where cyber criminals are constantly pushing the boundaries and finding new ways to compromise your machines.

Malwarebytes Anti-Exploit comes in two flavours: The free or the premium version and both can be downloaded here.

Existing users can install the new version on top of the previous one or wait for a program update. More details and change log can be found in our forums here.

It’s time to ruin the bad guys’ day!