The new security software Crystal Anti-Exploit Protection
has just been released in a first beta version. The program adds
another layer of defense to the system that protects applications that
it protects from a number of exploits that they may be vulnerable for.
It is not a replacement for antivirus software, other security software
or common sense, but can protect the system from exploits that target
vulnerabilities that have not been fixed yet.
Crystal Anti-Exploit Protection is available for 32-bit and 64-bit versions of Windows XP, Windows Vista and Windows 7 at the time of writing. It requires the Microsoft .Net Framework 2.0 on the system and administrative privileges.
You can alternatively open the Expert Options and configure the protection methods for each process in greater detail. Only users who know what they are doing should bother to make changes to these features as they require a great deal of security know how.
There is also a content filtering option, but it is not selected by default, and only available for Microsoft’s Internet Explorer.
The program displays the most recent alerts in the main program window. Here it is also possible to enable realtime alerts and to disable the protection that it provides.
A good start to get to know the program is to read the excellent user manual in pdf format that it ships with. Here you find information about an introduction to the program and its configuration modes. Each expert setting is displayed here, and the explanations should be enough to give you a basic understanding of what they do.
You may run into issues with some programs after installation. The developer recommends that basic users should start with the minimum protection settings first to avoid these issues. He recommends that experienced users set the level to high before switching to the expert options to modify the settings further.
Source: http://www.ghacks.net/2012/07/02/crystal-anti-exploit-protection-new-security-softwar-released/
Crystal Anti-Exploit Protection is available for 32-bit and 64-bit versions of Windows XP, Windows Vista and Windows 7 at the time of writing. It requires the Microsoft .Net Framework 2.0 on the system and administrative privileges.
How does it work?
CrystalAEP operates by running within every instance of a protected program (for example the web browser), performing checks at key points within the program’s life-time in an attempt to ensure that it is not under attack. Crystal also alters the behaviour of protected programs to render them more difficult targets for malicious software seeking to be installed on a user’s system – if the vulnerable program malware is targeting is in an unknown and constantly changing state many traditional methods for exploiting flaws within the software are made significantly more difficult.The program protects a number of high profile processes automatically after you have installed it. This includes web browsers such as Internet Explorer, Google Chrome or Firefox, Acrobat Reader, Excel, VLC or Winamp. The protection level is set to minimum, the lowest available level by default to avoid issues when running the programs on the system.
- Minimum – Provides only the basic protection, none of which should be invasive or disrupt delicate programs. This mode provides a backstop against some classes of threat and is surprisingly effective considering the limited features that it enables, but is not recommended for most programs as little is done to disrupt exploit attempts.
- Moderate – A good improvement on Minimum, this mode aims to provide a compromise between reliability and security, erring on the side of reliability. This mode is recommended for applications which do not cope well with the High mode of protection, but is otherwise not recommended.
- High – Provides an equal balance between reliability and security. Most of the particularly effective anti-exploit techniques are enabled when using this mode. This is the recommended mode for most users.
- Maximum – This mode provides the highest level of protection which Crystal affords, enabling nearly all of the protection features the product can offer. Occasionally Maximum protection provides too locked-down an environment for flexible programs to operate under, and is therefore not recommended above High for most users. Maximum can be enabled for systems for which security is absolutely paramount above software reliability.
You can alternatively open the Expert Options and configure the protection methods for each process in greater detail. Only users who know what they are doing should bother to make changes to these features as they require a great deal of security know how.
There is also a content filtering option, but it is not selected by default, and only available for Microsoft’s Internet Explorer.
The program displays the most recent alerts in the main program window. Here it is also possible to enable realtime alerts and to disable the protection that it provides.
A good start to get to know the program is to read the excellent user manual in pdf format that it ships with. Here you find information about an introduction to the program and its configuration modes. Each expert setting is displayed here, and the explanations should be enough to give you a basic understanding of what they do.
You may run into issues with some programs after installation. The developer recommends that basic users should start with the minimum protection settings first to avoid these issues. He recommends that experienced users set the level to high before switching to the expert options to modify the settings further.
Closing Words
The program is not a run and forget type of program. You will spend some time configuring processes on your system. The developer has added the basic options mode for inexperienced users who want to add some level of extra protection to their system. And while that’s working well to a certain degree, the real strength only becomes visible in the program’s advanced options and higher protection levels. It is definitely a program to keep an eye on.Source: http://www.ghacks.net/2012/07/02/crystal-anti-exploit-protection-new-security-softwar-released/
No comments:
Post a Comment