The issue i see with that is if it is turned off, there is no notification of a program update available.
I would like to get a prompt when a new program update is available, and control if/when it is updated.
Attackers can turn Microsoft exploit defense tool EMET against itself - Windows 10 Forums
Just google "EMET vulnerability" and you'll see links to many articles at a range of reputable sites.
Most date to the Feb 2016 disclosure/announcement by MS.
This is more recent:
Zero-day Windows vulnerability that can supposedly bypass EMET up for sale for $90,000
Disabling the auto-update setting will only disable exactly that: automatically installing the new program version when it is available to that system.I would like to get a prompt when a new program update is available, and control if/when it is updated.
If one disables that setting, one will still be NOTIFIED that a new program version is available.
The user can then elect to upgrade or not.
At least that's how MBAE Premium behaves on all 3 of my systems with that setting disabled.
(Free should behave the same for this particular feature.)
So, for people i try to help
Should i recommend don't use EMET, and tell them they have to pay x$ for MBAE yearly ?
These are mostly senior citizens on fixed income, non-techies, and won't pay online, etc.
The only thing i see MBAE free protects for them is a browser protection (maybe).
I remove Adobe, Java, etc. for them.
They may have MS Office, and often do.
Their OS could be W7 to W10 (or Vista).
You can advise them however you see fit.
For what it's worth, most exploits are delivered via browsers.
Since MBAE Free shields most common browsers and Java, it is sufficient for most users.
Users who wish to expand protection for other types of applications can purchase the Premium version.
The rationale behind what is or is not shielded by default in MBAE Free is explained here.
HMPA, the other, major, third-party anti-exploit application is also a paid program.
It's always up to each computer user how to protect his/her system.
I have no financial interest in any product.
I merely pointed out the well-publicized vulnerability of EMET and tried to correct some misconceptions about MBAE.
But if you prefer EMET over other similar applications for your computer or for friends, family and clients, then that's certainly 100% fine with me.
>>NONE of these applications will protect 100% of computers from 100% of malware 100% of the time.
>>For users who practice "unsafe hex", they will likely fall victim eventually to some adverse event, no matter what security programs are installed.
>> The key is to educate one's customers on how to protect themselves with "best practices" for personal computing.
I'm not interested in arguing with you, especially since the OP on this thread was satisfied with the information presented.
Please do as you see fit.
Understood and thanks.
I'm also not interested in arguing.
Guess I know i can't support re-installing MBAE or MBAM remotely for others based on my own experience.
I would still like some insight into the Secondary Logon service/runas command line tool vulnerability in EMET and if it is enough to stop using EMET all together...