The new security software Crystal Anti-Exploit Protection has just been released in a first beta version. The program adds another layer of defense to the system that protects applications that it protects from a number of exploits that they may be vulnerable for. It is not a replacement for antivirus software, other security software or common sense, but can protect the system from exploits that target vulnerabilities that have not been fixed yet.
Crystal Anti-Exploit Protection is available for 32-bit and 64-bit versions of Windows XP, Windows Vista and Windows 7 at the time of writing. It requires the Microsoft .Net Framework 2.0 on the system and administrative privileges.
CrystalAEP operates by running within every instance of a protected program (for example the web browser), performing checks at key points within the program's life-time in an attempt to ensure that it is not under attack. Crystal also alters the behaviour of protected programs to render them more difficult targets for malicious software seeking to be installed on a user's system - if the vulnerable program malware is targeting is in an unknown and constantly changing state many traditional methods for exploiting flaws within the software are made significantly more difficult.
The program protects a number of high profile processes automatically after you have installed it. This includes web browsers such as Internet Explorer, Google Chrome or Firefox, Acrobat Reader, Excel, VLC or Winamp. The protection level is set to minimum, the lowest available level by default to avoid issues when running the programs on the system.
You can click on Configuration > Basic Options to modify the protection levels, or add running or installed programs to the list of protected applications. It is possible to configure different protection levels for processes, so that high profile applications like Java, Firefox or Internet Explorer run on a higher level than programs like SnagIt or Wordpad.
You can alternatively open the Expert Options and configure the protection methods for each process in greater detail. Only users who know what they are doing should bother to make changes to these features as they require a great deal of security know how.
There is also a content filtering option, but it is not selected by default, and only available for Microsoft's Internet Explorer.
The program displays the most recent alerts in the main program window. Here it is also possible to enable realtime alerts and to disable the protection that it provides.
A good start to get to know the program is to read the excellent user manual in pdf format that it ships with. Here you find information about an introduction to the program and its configuration modes. Each expert setting is displayed here, and the explanations should be enough to give you a basic understanding of what they do.
You may run into issues with some programs after installation. The developer recommends that basic users should start with the minimum protection settings first to avoid these issues. He recommends that experienced users set the level to high before switching to the expert options to modify the settings further.
The program is not a run and forget type of program. You will spend some time configuring processes on your system. The developer has added the basic options mode for inexperienced users who want to add some level of extra protection to their system. And while that's working well to a certain degree, the real strength only becomes visible in the program's advanced options and higher protection levels. It is definitely a program to keep an eye on.
Advertising revenue is falling fast across the Internet, and independently-run sites like Ghacks are hit hardest by it. The advertising model in its current form is coming to an end, and we have to find other ways to continue operating this site.
We are committed to keeping our content free and independent, which means no paywalls, no sponsored posts, no annoying ad formats (video ads) or subscription fees.
If you like our content, and would like to help, please consider making a contribution:
Ghacks is a technology news blog that was founded in 2005 by Martin Brinkmann. It has since then become one of the most popular tech news sites on the Internet with five authors and regular contributions from freelance writers.