Jump to content

Malicious Website Protection problem, any status update ?


Recommended Posts

@Tabvla

What DD was hinting to is you are using the WRONG version of MBAM at these locations. You still have full control when using the proper BUSINESS version 1.75.

 

 

Porthos, thanks for your comment, which I agree is technically correct.  I must add that I have no control over what version of MBAM users decide to install.  My role is to advise, it is up to the owners of the business to make those decisions.

 

However, in the real-world, decisions are often based on cost and ease-of-use.  The following real-world examples illustrate this.

 

Example 1.  A small business which is operated from a Home Office, uses 3 computers.  The users are not "techy" and therefore use systems which they can understand.  In this scenario the 3-license version of MBAM Premium is a good option - cost effective and does not require a degree in computer science to use.

 

Example 2.  A small business is operated from a downtown office.  It uses 10 computers.  One of the users is somewhat "techy" and generally looks after the systems as long as it is nothing too complicated.  Because of the nature of the business only 3 computers are connected to the Internet on a permanent basis.  The other computers only connect to the Internet for very short periods of time to update Windows and other business-critical software.  For the 7 computers that have only very limited exposure to Internet risks, Windows Firewall and Windows Defender are adequate.  For the 3 computers that are permanently connected to the Internet an additional level of security is employed.  In this example the 3-license version of MBAM Premium is used. 

 

Example 3.  A medium size business operated from a business park.  It uses 20+ computers on a LAN which is permanently connected to the Internet.  They employ a full time IT "guy or gal" to keep the IT running smoothly.  This operation uses MBAM Business.

 

In the first two real-world examples there is nothing "WRONG" about using the non-business version of MBAM

 

In the third real-world example it would be "WRONG" to use the non-business version of MBAM.

 

T.

Link to post
Share on other sites

  • Replies 66
  • Created
  • Last Reply

Top Posters In This Topic

Hi:

 

Porthos, thanks for your comment, which I agree is technically correct. 

 

In the first two real-world examples there is nothing "WRONG" about using the non-business version of MBAM

 

In the third real-world example it would be "WRONG" to use the non-business version of MBAM.

 

T.

 

 

EULA

 

How can I legally use Malwarebytes Anti-Malware in my Business or Corporate environment (including Government, Education, & Non-Profit)?

 

 

 

The use of Malwarebytes Anti-Malware Free, PRO, or Premium was designed for personal home use only.

 

Driving drunk is illegal, even if one doesn't "feel" drunk and even if one is not caught.

 

Thanks,

Link to post
Share on other sites

Dale, did you not notice that I used inverted commas around the word "WRONG"...?

 

What did you think the inverted commas meant...?  At no time did I refer to the EULA or use the word "legal" or "illegal".

 

It is not within my remit to comment or advise on the legal aspects of the use of software by an individual or organization.  My remit is limited solely to advise on the technical performance of hardware, software and IT systems. 

 

T.

 

Link to post
Share on other sites

My remit is limited solely to advise on the technical performance of hardware, software and IT systems.

 

So putting MBAM aside at the moment. You have a client running bootleg copy's of Windows Office Adobe ect, And if something with those goes wrong you will keep installing and working with those  un-properly licensed as well?

Link to post
Share on other sites

  • Root Admin

Side note that here in the U.S. as an IT Support employee or consultant if you knowingly install or assist in the installation of illegal software you personally (not just the company) can be held liable and fined.

 

Let's go ahead though and try to stay on topic about the current issue with MBAM for now please. Thank you

Link to post
Share on other sites

  • 3 weeks later...

1.  It is still broken 6 weeks after having been reported by David Marcus

2.  UI still shows incorrect information - "Protected" when in fact "Not Protected" - wrong information is worse than no information

3.  Still no feedback from MBAM support - last update 3 weeks ago by AdvancedSetup

 

Very disappointing.

 

It used to be a great product with a great team of people supporting it.  That appears to be no longer the case.

 

T.

Link to post
Share on other sites

I agree T.

To MBAM staff and helpers,

I'm just a home user, considered the "family geek" trying to help and advise others as best i can.
I've suggested/advised, help install/fix, etc., MBAM paid for several people, in some cases buying the product and giving as a free gift to someone who could not or would not buy the product.
I now feel like I'm getting mud thrown on my face, for my bad advice, to use and trust MBAM.
I don't know how to explain "well real-time protection isn't working now, but they will fix it soon..."

In V1.x I could create work-around solutions using Command Processing.
V2.x does not have Command Processing, it got dropped with the new V2.
I asked about that when V2 was in Beta and was told "We'll add it to a later release" ...
That was apx. 2 years ago.
I'm still waiting for Command Processing.
If I had Command Processing maybe I could come up with a workaround fix for this problem...
Is MBAM ever going to add Command Processing to V2.x, or was I lied to ?
I'm pretty patient, but 2 years ... that taxes my patience ...
Read the history, this question has been asked by others and myself ...

Is MBAM going to spend 2+ years trying to figure out and maybe fix the current problem ?
MS puts out Patch Tuesday updates.
If they find a patch is bad, they quickly pull it until it can be fixed.
Why can't MBAM pull the "bad update" quickly, until they have a working solution ?

In V1.x I could not manually update the DB definitions when logged into a LUA.
In V2.x I could manually update the DB definitions when logged into a LUA, until this issue with a program update.
I've read MBAM (Ron) opinions on not allowing an LUA to manually update the DB, and i think that is short sighted / closed minded.
MBAM could allow an ADMIN to authorize an LUA to update definitions.
If you want to enforce ADMIN authority for this, read the options MS Windows Updates offer ... need i say more ?

On Start-up MBAM tries to update the DB definitions before a network connection is established.
The update fails, it's had this error forever, it still has this error to this day.
In V1 I could create scheduled task / Command Processing to update the DB definitions using Admin authority when logged in with LUA, after a network connection was established.
That workaround worked reliably for me for many years.
Well, with V2 I couldn't use this workaround, but i could manually update DB definitions as a LUA.
I won one, I lost one, and accepted it as is, I could keep DB definitions as current as i wanted ...
I couldn't use a scheduled task, but i could manually update.

I have never seen another security product not be able to wait for a network connection established before downloading new DB updates.
Why can't the MBAM auto update wait for a network connection before attempting a download, and failing because the network connection is not established ?
If i can do this with V1 Command Processing and a Scheduled Task, it really can't be that difficult.
As this has been an issue with MBAM updates for many years, it makes me wonder about the competency of MBAM programming.
Sorry if you don't like my opinion, but i'm a retired programmer, so i do have a bit of experience with technical issues ...

So, Ron, Becky, and all MBAM staff and forum helpers, you are not responsible for helping further with this issue, it's not your job, right ?
And QA doesn't comment, i guess it's not their job to monitor the forum and try to help, right ?
Can someone escalate this issue to someone who can answer ?
RubberDucky would be fine with me, if he cares.

Right now I'm not seeing were i can depend on MBAM real-time protection.
How can I trust it, and recommend it to folks I help ?

In post #25 I asked
"Is there a way to test that Malware Protection is working, similar to the MBAM IP block test site ?"
I never saw an answer to that question.
Why was I ignored, or did i miss the answer ?
Does MBAM staff know how to verify if Malware Protection is working, or do they not want to answer this and sweep the question under the rug ?

I know the problem today is with a known unreliable Malicious Website Protection issue.
But how do i know if an hour from now, or any-time, Malware Protection is or is not working ?

My post is not meant to be demeaning, ranting, etc.
I just would like to know if MBAM protection can be trusted, when and how.
If not, when will it be fixed ?

Does RubberDucky read this forum, and care if MBAM protection works reliably ?

Link to post
Share on other sites

Hi Tabvla and DavidMbncus--

 

I know it can be extremely frustrating waiting on a fix after you've reported a problem what seems like ages ago.  Our QA and dev teams have been actively researching this issue and working not only on a permanent fix to be included in our next patch release, but also trying to figure out an interim work-around that we could provide to folks experiencing this immediately--precisely because we understand this is an important issue that needs to be addressed ASAP.

 

And I'm happy to report we have a solution for you now that should fix the problem of database updates not being handled correctly in LUAs, and the related issue of Malicious Website Protection not starting correctly.  

 

Please follow the steps that my colleague tetonbob outlined in his post here.  That should resolve the issue until our next MBAM update is released with the permanent fix.

 

As for your other questions, DavidMbncus, I'll do my best to answer where I can.

 

We still are planning to add Command Line support back into the product again in a future release, but I can tell you that it will not be in our next planned patch release.  It will more than likely be part of the larger release we're also working on that involves an extensive re-architecture of MBAM.  So I'm afraid the wait on that one is going to be a bit longer.

 

As far as a way to test your real-time Malware Protection is actually working, you could try Spycar.  Our real-time protection should alert on its tests.  (note that spycar is not a Malwarebytes-sponsored site or product, so I'm only pointing it out as a potential resource -- you should use it at your own risk.)

 

And lastly, as to the question about it not being my job to help further on this issue, I hope you see from this response that's not the case at all.  It's very much my job.   :)   All our teams--QA, Dev and Product Management--work together daily solving problems (like this one) and getting fixes (and new features!) released just as quickly as possible.  However I'm sure you understand that even though we all want this process to happen quickly, it takes time so we can devote proper test time to ensure we don't make matters worse by rushing out code that hasn't been fully tested.  So "quick" never really seems quick enough.   :)

Link to post
Share on other sites

And I'm happy to report we have a solution for you now that should fix the problem of database updates not being handled correctly in LUAs, and the related issue of Malicious Website Protection not starting correctly.  

 

Please follow the steps that my colleague tetonbob outlined in his post here.  That should resolve the issue until our next MBAM update is released with the permanent fix.

Thanks Becky,

I've been testing the temp patch and so far it works for me, MWP works after DB updates for an LUA.

Link to post
Share on other sites

  • 2 weeks later...

Hi Tabvla--

 

There is no new update beyond what I had already stated in this post:

 

>>Please follow the steps that my colleague tetonbob outlined in his post here.  That should resolve the issue until our next MBAM update is released with the permanent fix.

 

The interim fix to run mbam2-rules so far has been working great for any users experiencing this issue.

 

We're hoping to release the next MBAM patch release just as quickly as possible (and there is an end-date in sight!), but I cannot give you an exact release date.  It's dependent on many issues such as QA testing, feedback from early testers, etc.

 

As usual we'll post an announcement in the main Malwarebytes news forum here once the release is available, so would be best to watch that forum.   :)

Link to post
Share on other sites

  • 3 weeks later...

I see that a new version 2.2.0.1024 has been released which resolves the limited user account issues addressed in this thread. Thank you to the mbam team for that.

 

I installed TetonBob's fix (which has continued to work very well) a couple of weeks ago. Are there any special steps I need to take relative to TetonBob's fix before I install 2.2.0.1024?

Link to post
Share on other sites

Hi calintexas--

 

You do not need to take any special steps and may simply install MBAM 2.2.0.1024 over 2.1.8.1057.

 

This latest release addressed a number of issues with limited user accounts, so hopefully you'll no longer run into any problems.   :)

Thanks Becky, I installed 2.2.0.1014 over the top of the current installation, and everything seems to be working fine.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.