Internet Explorer blocked exploit in beta

[l123]

I'm using the latest beta version (1.06.1.1012), so not sure if I should be posting there, but I tried to open internet explorer and got an exploit blocked pop-up (logs attached). Is this an FP?

 

Thanks!

Malwarebytes Anti-Exploit.zip

[pbust]

Go to MBAE advanced settings and under Application Hardening uncheck BottomUp ASLR Enforcement for Browsers. Click Apply and then try to open IE. Does it open now?

[l123]

I disabled BottumUp ASLR and opened explorer without an alert, but then I re-enabled it and was still able to open it without an alert. After the alert, I installed hitman pro alert, disabled mbae and opened explorer without a problem (hitman pro alert has bottemup ASLR enabled for everything- chrome, iexplorer, etc.- by default). But, when I opened it with hitman, I was asked if I wanted to allow my search page to be changed to yahoo.com (which was fine, it was part of the comodo installation and I don't mind helping out and then changing it back if I want to). I clicked allow and then later did these tests with mbae (after disabling hitman pro protection for explorer). Is it possible the dialog to change the default search triggered this? That was already done by the time I read your advice and tried again, which could explain the failure to replicate the alert.

 

Thanks for your help!

[pbust]

Thanks for the details.We might try to repro that scenario.

 

PS: moving this thread to the experimental sub-forum.