Malware doesn't only get onto your computer by tricking you into downloading shady porn apps or fake Java updates. The sneakiest snoops can exploit subtle coding errors in the applications and programs you use, allowing them to slip past your defenses and steal your personal information. That's why we like Malwarebytes Anti-Exploit, a new feature from San Jose, California-based computer-protection company Malwarebytes.
Out of beta today (June 12), Malwarebytes Anti-Exploit monitors a selection of the most often used — and most often exploited — programs on Windows computers, including the Web browsers Chrome, Firefox and Internet Explorer, Adobe Flash and Microsoft Office. The creators say the software can tell when an attacker is trying to leverage an exploit against any of these programs — even if Malwarebytes wasn't previously aware of the specific exploit being used in the attack.
Instead of monitoring known software flaws for established exploits, Malwarebytes Anti-Exploit searches for "exploit-like behaviors" in these programs. This, Malwarebytes told us, is how the Anti-Exploit program is able to catch even exploits that the "white hats," i.e. good-guy hackers, don't know about yet.
This kind of behavioral analysis has been used in malware detection for years now. Called heuristic analysis, it focuses on looking at patterns in code or behavior instead of flagging individual instances of malware by comparing them to a database of known malware definitions. Antivirus programs can thus catch malware without needing to know exactly what kind of malware they're looking for.
Using Malwarebytes Anti-Exploit is simple: Just download the program and install it. The whole thing is only 2.5 megabytes in size. Because it looks for general behaviors instead of specific exploits, it doesn't require frequent updates as antivirus programs do.
The free version of Malwarebytes Anti-Exploit is available for Windows XP through 8 and 8.1, and covers Java and four Web browsers: Mozilla Firefox, Google Chrome, Internet Explorer and Opera.
The full anti-exploit protection, which costs $24.95 per year, also covers Adobe Acrobat, Adobe Reader, Foxit Phantom, Foxit Reader, Microsoft Office Word, Excel and Powerpoint, Windows Media Player (wmplayer and mplayer2), VLC Player, Winamp Player and QuickTime Player.
To develop the Anti-Exploit feature, Malwarebytes worked with the esteemed independent French security researcher pseudonymously known as Kafeine, who is currently testing the tool against the many exploit kits available on online black markets for criminals to buy and use.
"I couldn't get infected while browsing with it during the tests," Kafeine told Tom's Guide. "I have done 50 passes on 12 exploit kits."
Kafeine added that, in his opinion, Malwarebytes Anti-Exploit should work against most currently unknown (a.k.a. zero-day) exploits as well as known exploits, though, like its competitors, it might have trouble with kernel exploits.
Malwarebytes' free consumer antimalware product, Malwarebytes Anti-Malware Free, cleans PCs of already-installed malware, but doesn't proactively protect computers from being infected in the first place.
"Now with this with the additional Anti-Exploit [tool], we're moving into a more proactive protection for user," Malwarebytes' Pedro Bustamante told Tom's Guide.