Thursday, December 08, 2016

Malwarebytes Version 3.0 Released


Malwarebytes Version 3.0, announced as a public beta one month ago, has officially been released.

Malwarebytes Premium subscribers will be pleased to learn that in addition to the anti-malware product, Version 3.0 of Malwarebytes also includes Malwarebytes Anti-Exploit and Malwarebytes Anti-Ransomware.  With that combination, new subscription purchases for Malwarebytes Premium will be $39.99 per computer per year, a savings of $9.91 and about 33% less than the average traditional antivirus license.

Due to the layered defense built into Malwarebytes 3.0, Malwarebytes (MBAM) Premium subscribers have the option of keeping their traditional anti-virus software program or they can uninstall it and just run MBAM.  MBAM 3.0 is compatible with all major antivirus software, including Windows Defender and Microsoft Security Essentials. 

Malwarebytes Anti-Malware users with a perpetual subscription are grandfathered and users of the free versions need not worry, all three programs remain available as free stand-alone versions.

A Few of the Changes and Improvements:

  • Although the new version retains the protective capabilities of Malwarebytes Anti-Malware v.2.x along with the efficacy of the web modules, Version 3.0 is a complete rewrite and re-architecting of the earlier Malwarebytes Anti-Malware v.2.x.
  • You'll notice a major improvement in scan time.  A threat scan on my Windows 10 Pro, Version 1607 with MBAM v2.x took 32 minutes, 45 seconds to scan 358,337 objects. On Windows 10 Pro Insider Preview Build 14971, it only took 21 minutes, 22 seconds to scan 434,652 objects.  That was ten minutes less for almost 100,000 more objects with MBAM v3.0!
  • Updates should be applied automatically according to the setting located on the Settings > Protection tab and should only alert you if there is an issue.
  • The Scan Schedule can be a changed or additional scans scheduled from Scan Schedule.
  • The Reports section includes all Scan Reports and any Real-time Detection / Block events. IP blocks will be in the Reports area entitled ‘Website Blocked’ report Malware files blocked will be in the Reports area entitled 'Malware Blocked'.  The Protection Logs, which merely provided a list of the application and event actions for the day have been removed.  Thus, only Scan and Block reports are included in the Reports section.

System Requirements:  Malwarebytes Version 3.0 is supported on all versions from Windows XP to the latest Windows 10.  Note, however, that the Anti-Ransomware technology is only enabled on Windows 7 or higher.

Update:

Malwarebytes 3.0 can be installed over the top of your exist Malwarebytes programs.  If you do not want to wait for the upgrade to be offered, you can download and run the installer from https://www.malwarebytes.com/ (direct download link here)  Malwarebytes 3.0 will automatically remove the old Anti-Malware, Anti-Exploit and Anti-Ransomware and upgrade them all to Malwarebytes 3.0. 

References:




Home
Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Friday, December 02, 2016

Pale Moon Version 27.0.2 Releaed as DiD


Pale Moon
Pale Moon has been updated to Version 27.0.2, released as a DiD* patched update that fixes the crash at the root of CVE-2016-9079.  The update also includes usability fixes.
*DiD stands for "Defense-in-Depth" and is a fix that does not apply to an actively exploitable vulnerability in Pale Moon but prevents future vulnerabilities caused by the same code when surrounding code changes, exposing the problem.
Details from the Release Notes:


    Security fix:
    • Fixed a crash in SVG, related to CVE-2016-9079, as a defense-in-depth measure.
      Usability Fixes:
      • Enabled Firefox Compatibility mode by default for the useragent string.
        Unfortunately too many websites (and especially the big players who should know better like Google, Apple and Microsoft) still require the "we must pretend to be Firefox if we want this site to work" status quo to be maintained, because people still insist on using useragent sniffing to determine "browser features", or even worse, discriminate against free choice of browser by flat-out refusing service (I'm looking at you, banking industry and cloud services!) when visiting websites just because companies don't want to provide assistance to any but users on the main 3.
        HTML offers plenty of ways to do proper feature detection; site owners should use them.
        Seriously people, it was a bad idea 20 years ago, and it's a worse idea in 2016.
      • The built-in devtools are back, and with a facelift!
        Thanks to some consistent community help, the built-in devtools, sorely missed by a number of our users, are back. They've received a code and style update and should be fully functional on the new platform. This was originally planned for 27.1, but it was decided to include this as soon as possible, not in the least to assist extension developers in their efforts to adapt to Pale Moon 27.
      Minimum system Requirements (Windows):
      • Windows Vista/Windows 7/8/10/Server 2008 or later
      • Windows Platform Update (Vista/7) strongly recommended
      • A processor with SSE2 instruction support
      • 256 MB of free RAM (512 MB or more recommended)
      • At least 150 MB of free (uncompressed) disk space
      Pale Moon includes both 32- and 64-bit versions for Windows:

      Update

      To get the update now, select "Help" from the Pale Moon menu at the upper left of the browser window.  Select About Pale Moon > Check for Updates.




      Remember - "A day without laughter is a day wasted."
      May the wind sing to you and the sun rise in your heart...


      Wednesday, November 30, 2016

      Mozilla Firefox Version 50.0.2 Released to Address Critical Zero-Day Vulnerability


      FirefoxMozilla sent Firefox Version 50.0.2 to the release channel today to address a critical zero-day vulnerability in the wild.  Firefox ESR was updated to version 45.5.1.

      The next scheduled release is December 13, 2016 (5 week cycle with release for critical fixes as needed).

      Critical
      Additional information about the vulnerability is available in Vulnerability Note VU#791496, "Mozilla Firefox SVG animation nsSMILTimeContainer use-after-free vulnerability".

      Note:  As explained in the Pale Moon forum announcement, although significantly diverted from Mozilla development, the question arose as to whether Pale Moon is also vulnerable.  After evaluation, it was reported that it is extremely unlikely that Pale Moon is vulnerable to this exploit.

      Update via Twitter message from PaleMoon:
      "Despite this, we'll still be releasing a DiD patched update on Dec 2nd that fixes the crash at the root of this."

      Update

      To get the update now, select "Help" from the Firefox menu at the upper left of the browser window, then pick "About Firefox."  Mac users need to select "About Firefox" from the Firefox menu. If you do not use the English language version, Fully Localized Versions are available for download.

        References




        Remember - "A day without laughter is a day wasted."
        May the wind sing to you and the sun rise in your heart...