Cybercriminals take a two-part approach: on the one hand, they design malware to exploit vulnerable systems without any user interaction; on the other hand, they craft attacks that take advantage of unaware computer users, in which user interaction is required.
The second part of this two-part attack approach can only be defeated if the computer user is aware of current Internet threats. So, knowledge and experience are critical ingredients in the never-ending, and escalating, battle against cybercriminals.
To defeat attacks which rely on exploiting vulnerable systems, the preferred method is the implementation of a layered security approach. Employing layered security should (I emphasize should) ensure the swift detection of malware, before any damage occurs on the targeted system.
Let’s talk real world:
Given existing technology, no single security application is capable of providing adequate computer system protection. Gaps exist in protection capabilities in even the most sophisticated security applications.
Layering (or stacking) security applications offers the best chance of remaining infection free, by closing these gaps. Keep in mind, however, that even the best layered protection strategy will not make up for the lack of experience, and intuitiveness, of many computer users.
So, stopping the bad guys from gaining a foothold has to be a primary objective of that layered defense strategy that I mentioned earlier. And, part of that strategy includes raising barriers at the doorway to the system – the Internet browser.
ExploitShield (brought to my attention some time ago by good friend Michael Fisher), a free Internet browser security application which is currently in Beta, seems well suited to helping raise those barriers.
From the site:
ExploitShield protects users where traditional security measures fail. It consists of an innovative patent-pending application shielding technology that prevents malicious exploits from compromising computers through software vulnerabilities.
ExploitShield Browser Edition is free for home users and non-profit organizations. It includes all protections needed to prevent drive-by download targeted attacks originating from commercial exploit kits and other web-based exploits.
These types of attacks are used as common infection vectors for financial malware, ransomware, rogue antivirus and other types of nasties not commonly detected by traditional blacklisting antivirus and security products.
Where’s the proof?
Since I’m just now getting back into application testing, following six months or so of 60+ hours a week assignments, I’ve relied (in this case) on the expert opinion of others (including Neil J. Rubenking), as to the effectiveness of ExploitShield. My apologies for that.
Installation is a breeze and, on application launch, a simple and uncomplicated interface is presented.
Clicking on the “Shields” tab will provide you with a list of applications protected by ExploitShield – as shown below.
Once loaded, ExploitShield will run as a background process (shown in the screen capture below) – necessary since it provides active protection for the applications shown in the screenshot above.
As a reminder that ExploitShield is up and running, a new icon – the “Z”, as shown in the following screenshot – will appear in the system tray.
System requirements: Windows 8, Windows 7, Windows Vista, and Windows XP. ExploitShield runs as both 32 bit and native bit.
From the developer: This beta 0.8.1 expires March 31, 2013. Check back to download a new version once expired.
Download at: ZeroVulnerabilityLabs
It may be a new year – but, the state of Internet security is as it ever was – pathetic. The Internet is a world that is full of cybercriminals, scam and fraud artists, and worse. A world that reeks of tainted search engine results, malware infected legitimate websites, drive-by downloads and bogus security software.
Please be guided by the following: Stop – Think – Click. The bad guys really are out to get you.
Reblogged this on vizualbusinessbd.
Thanks Masud. I appreciate the reblog.
Best,
Bill
Hey Bill,
What a great article for the new year. I haven’t tried this app yet, since my layered security strategy has resulted in my computer remaining infection free for years now. I say, if it ain’t broke, don’t fix it. But Exploit Shield looks like it might be worth a run. It can’t hurt, for sure.
Cheers
Hey Mal,
Yeah, give this one a run. I’d be most interested in your views.
Best,
Bill
Hey Bill –
One step in installing Exploit Shield is closing all browsers. Since my version of Firefox ( 17.0.1 ) takes about 25 seconds to completely clear itself from memory when shutting down, I chose to wait till it had done so before proceeding.
Even so, after the installation neither FireFox, Opera, nor Internet Explorer, would load completely. Each one would start to load (for 4 or 5 seconds) and then terminate.
I used the icon in the System tray to turn Exploit Shield off. I was glad to see that the three browsers were back to working! :>)
I suppose that I could turn it back on after FireFox loads in order to see what happens, but I’m reluctant to do so.
After turning it off, I brought up the main screen using the icon in the system tray. There was a small green bar in the lower right hand corner of the screen telling me Exploit Shield is running. Since I had just turned it off, perhaps this message should be, “Exploit Shield is not active”.
I posted the above info on the Support Forum page of their website.
Changing subjects, a few weeks ago I found a small utility called “Internet Off”. Its icon sits in the System Tray and allows one to allow or disallow all in and out connections to the internet while the computer is turned on. I use it when I’m doing database work and have no need for the internet.
Might be useful to some of your readers. It’s available at http://www.crystalrich/internetoff
Here’s a great idea I found at the Exploit Shield website. Instead of using one of those S$%TF $R$#R#$RWDF#$#$%^#%@%$$%!@ captchas, the verification screen asks you to spell a short word backwards. Couldn’t be easier!
Hey Hipockets,
Yikes!! I’m not unfamiliar with this type of heart stopper – always gets the blood boiling. 🙂 Good to see that you could back out of it.
Thanks for the link on InternetOff – just finished giving it a run-through. Should have a quick review up later in the day.
Best,
Bill
Hi Bill,
Just out of interest I installed the free version. I found that, after installing, Chrome, Comodo Dragon, Firefox and IE all started up and ran as per usual. Comodo Dragon does not appear on the Shield list; understandable as it is fairly new.
I presume the screenshot of the active shields came from the Shields tab. This feature (managing shields) seems to be available only in the corporate version.
Kind regards
John
Hi John,
Happy to hear you had no issues with this. And yes – you’re right – managing shields is a paid feature.
Best,
Bill
Thanks for the review of our product Bill!
@hipockets, the issue you encountered with browsers not opening or taking a long time to open might be due to a known incompatibility with some known HIPS security products such as Rapport, Webroot or Comodo D+. Which other security products are you using?
Hey Guys,
A pleasure. Love the product. 🙂
Best,
Bill
Hi Bill,
For what it’s worth I do have Rapport installed and had no problems with ExploitShield. I had Rapport a few years ago and uninstalled it as it caused some conflicts. The latest version seems fine though.
Having said that, I’ve noticed that Comodo Dragon has now started shutting down shortly after opening. I exited ExploitShield and it made no difference, so obviously that isn’t the problem.
Kind regards
John
Hi John,
Thanks for the update.
Best,
Bill
@ZeroVulnLabs — Thanks for the follow-up. Here’s what I have –
Comodo Fire Wall,
file version of .exe file — 5.12.59641.2599
Microsoft Security Essentials
— always updated with latest patches
Win Patrol Plus,
file version of .exe file — 25.6.2012.1
Malwarebytes Anti-Malware,
file version of .exe file — 1.62.0.140
(Occasional scanning only)
SUPERAntiSpyware,
file version of .exe file — 5.6.0.1014
SafenSoftSysWatchPersonal,
file version of .exe file — 3.6.36.1631
SecurityKISS Tunnel VPN
BitDefender QuickScan 0.9.9.119
PlugIn for FireFox
Thanks again for the follow-up.
P.S.
Firefox 18.0
IE 8.0.6001.18702
Opera 12.0
–Hey Bill — I had posted the info – in the first post on this subject – on the Support Forum page of their website. Please feel free to release my email address to them.
Hey Hipockets,
Unfortunately, I don’t have a direct email address for this developer. But, check out this page – ExploitShield Compatibility List – Other Security Software – which was posted on their site Jan 13th.
Best,
Bill
It’s most likely that the conflict is Comodo. We’ve had them add our digital signature to their Trusted Vendor List but still the problem occurs. It seems like a bug in their behavioral exclusions. We’ve opened a support ticket with them but if you can complain to them directly in their forum it would help prioritize things.