Rich-M
Well-Known Member
OK here is the answer from Emsisoft as to the differences in how MBAE and Emsisoft work so once again now in order to have this coverage at Mbam you are up to $50 a year vs $40 as you need both there:
"For those of you who are unfamiliar with exploits, we put together the video below. Basically, these threats abuse vulnerabilities in everyday software applications such as browsers, office documents and PDFs and use these to download malware. Malwarebytes Anti-Exploit wraps these applications in three layers of defense, monitoring them for suspicious activity and stopping it at source.
I bolded the interesting line in the quote above. What MBAE does, is that it blocks vulnerability exploitation in software (the pro version monitors more applications than the free version). So, it interferes and interrupts exploitation before any download attempt is made. That is effective, but also means that, whatever malware is dropped differently (for example using a malicious email attachment) will be ignored, because that is not what MBAE monitors.
Our behavior blocker will not always detect the vulnerability exploitation, instead it will alert the user whenever actual malware or malicious activity is detected (to stick with the quote above, it will warn you whenever a malicious file is downloaded/dropped/executed as result of the exploitation).
This means that MBAE will block a bit earlier, but Emsisoft products will not allow the creation/execution of the actual malicious files and actions (payload of the exploit kit) on the computer and the results will be in both cases a clean machine. On top of that, contrary to MBAE, Emsisoft products monitor for this kind of activity, no matter if it originates from an exploited Java version, a malicious email attachment or a drive-by download."
I hope this clarifies things, if you have further questions, please let me know."
From Emsisoft Blog
"For those of you who are unfamiliar with exploits, we put together the video below. Basically, these threats abuse vulnerabilities in everyday software applications such as browsers, office documents and PDFs and use these to download malware. Malwarebytes Anti-Exploit wraps these applications in three layers of defense, monitoring them for suspicious activity and stopping it at source.
I bolded the interesting line in the quote above. What MBAE does, is that it blocks vulnerability exploitation in software (the pro version monitors more applications than the free version). So, it interferes and interrupts exploitation before any download attempt is made. That is effective, but also means that, whatever malware is dropped differently (for example using a malicious email attachment) will be ignored, because that is not what MBAE monitors.
Our behavior blocker will not always detect the vulnerability exploitation, instead it will alert the user whenever actual malware or malicious activity is detected (to stick with the quote above, it will warn you whenever a malicious file is downloaded/dropped/executed as result of the exploitation).
This means that MBAE will block a bit earlier, but Emsisoft products will not allow the creation/execution of the actual malicious files and actions (payload of the exploit kit) on the computer and the results will be in both cases a clean machine. On top of that, contrary to MBAE, Emsisoft products monitor for this kind of activity, no matter if it originates from an exploited Java version, a malicious email attachment or a drive-by download."
I hope this clarifies things, if you have further questions, please let me know."
From Emsisoft Blog