Page 2 of 4 FirstFirst 1234 LastLast

  1. Joined : Oct 2014
    Posts : 330
    Multi-Boot W7_Pro_x64 W8.1_Pro_x64 W10_Pro_x64
       21 Sep 2016 #11

    Kol12 said: View Post
    My first source of information regarding the EMET vulnerability was from hardenwindows10forsecurity.com where he say's and I quote:

    "This guide used to recommend EMET 5.2 for other versions of Windows, but MS has pronounced that it is not compatible with Windows 10. EMET 5.5 has been released. However, the new version requires the Secondary Logon service active. And by having access to Secondary Logon service, attackers can use the runas command line tool to invoke administrative rights."
    Can you post a link, i'd like to read about that.
    I'm not a security expert, just a cautious user.
      My System SpecsSystem Spec


  2. Joined : Oct 2013
    Covington, Louisiana
    Posts : 535
    Windows 10 Pro 64
       21 Sep 2016 #12

    DavidE,

    You can turn off the auto update in MBAE if that will help.

    Click image for larger version. 

Name:	MBAE Setings.JPG 
Views:	29 
Size:	56.5 KB 
ID:	102528

    Jim
      My System SpecsSystem Spec


  3. Joined : Oct 2014
    Posts : 330
    Multi-Boot W7_Pro_x64 W8.1_Pro_x64 W10_Pro_x64
       21 Sep 2016 #13

    The issue i see with that is if it is turned off, there is no notification of a program update available.
    I would like to get a prompt when a new program update is available, and control if/when it is updated.
      My System SpecsSystem Spec


  4. Joined : Aug 2015
    Posts : 825
    Win10/64 Pro 1511 (and 2 Win 7/64 Ult & Pro systems)
       21 Sep 2016 #14

    DavidE said: View Post
    Can you post a link, i'd like to read about that.
    I'm not a security expert, just a cautious user.
    Attackers can turn Microsoft exploit defense tool EMET against itself - Windows 10 Forums

    Just google "EMET vulnerability" and you'll see links to many articles at a range of reputable sites.
    Most date to the Feb 2016 disclosure/announcement by MS.
    This is more recent:
    Zero-day Windows vulnerability that can supposedly bypass EMET up for sale for $90,000


    MM
      My System SpecsSystem Spec


  5. Joined : Aug 2015
    Posts : 825
    Win10/64 Pro 1511 (and 2 Win 7/64 Ult & Pro systems)
       21 Sep 2016 #15

    DavidE said: View Post
    The issue i see with that is if it is turned off, there is no notification of a program update available.
    I will double-check on that, but I am pretty sure it does not work that way.

    I would like to get a prompt when a new program update is available, and control if/when it is updated.
    Disabling the auto-update setting will only disable exactly that: automatically installing the new program version when it is available to that system.
    If one disables that setting, one will still be NOTIFIED that a new program version is available.
    The user can then elect to upgrade or not.

    At least that's how MBAE Premium behaves on all 3 of my systems with that setting disabled.
    (Free should behave the same for this particular feature.)

    Thanks,
    MM
      My System SpecsSystem Spec


  6. Joined : Oct 2014
    Posts : 330
    Multi-Boot W7_Pro_x64 W8.1_Pro_x64 W10_Pro_x64
       21 Sep 2016 #16

    So, for people i try to help
    Should i recommend don't use EMET, and tell them they have to pay x$ for MBAE yearly ?

    These are mostly senior citizens on fixed income, non-techies, and won't pay online, etc.
    The only thing i see MBAE free protects for them is a browser protection (maybe).
    I remove Adobe, Java, etc. for them.
    They may have MS Office, and often do.
    Their OS could be W7 to W10 (or Vista).
      My System SpecsSystem Spec


  7. Joined : Aug 2015
    Posts : 825
    Win10/64 Pro 1511 (and 2 Win 7/64 Ult & Pro systems)
       21 Sep 2016 #17

    Hi:

    You can advise them however you see fit.

    For what it's worth, most exploits are delivered via browsers.
    Since MBAE Free shields most common browsers and Java, it is sufficient for most users.

    Users who wish to expand protection for other types of applications can purchase the Premium version.
    The rationale behind what is or is not shielded by default in MBAE Free is explained here.
    HMPA, the other, major, third-party anti-exploit application is also a paid program.

    It's always up to each computer user how to protect his/her system.
    I have no financial interest in any product.
    I merely pointed out the well-publicized vulnerability of EMET and tried to correct some misconceptions about MBAE.
    But if you prefer EMET over other similar applications for your computer or for friends, family and clients, then that's certainly 100% fine with me.

    >>NONE of these applications will protect 100% of computers from 100% of malware 100% of the time.
    >>For users who practice "unsafe hex", they will likely fall victim eventually to some adverse event, no matter what security programs are installed.
    >> The key is to educate one's customers on how to protect themselves with "best practices" for personal computing.

    I'm not interested in arguing with you, especially since the OP on this thread was satisfied with the information presented.
    Please do as you see fit.

    Cheers,
    MM
      My System SpecsSystem Spec


  8. Joined : Oct 2014
    Posts : 330
    Multi-Boot W7_Pro_x64 W8.1_Pro_x64 W10_Pro_x64
       21 Sep 2016 #18

    Understood and thanks.
    I'm also not interested in arguing.
    Guess I know i can't support re-installing MBAE or MBAM remotely for others based on my own experience.
      My System SpecsSystem Spec


  9. Joined : Aug 2016
    Posts : 157
    Windows 10 64 bit, 1607
       21 Sep 2016 #19

    DavidE said: View Post
    Can you post a link, i'd like to read about that.
    I'm not a security expert, just a cautious user.
    Harden Windows 10 - A Security Guide. How to secure Windows 10

    use find (ctrl+f) and type EMET
      My System SpecsSystem Spec


  10. Joined : Aug 2016
    Posts : 157
    Windows 10 64 bit, 1607
       21 Sep 2016 #20

    I would still like some insight into the Secondary Logon service/runas command line tool vulnerability in EMET and if it is enough to stop using EMET all together...
      My System SpecsSystem Spec


 
Page 2 of 4 FirstFirst 1234 LastLast


Similar Threads
Thread Forum
Solved Latest Version Malwarebytes Anti Exploit
89528 Malwarebytes Anti Exploit Stand Alone Beta Latest beta version 1.9.1.1303 / 09 January 2017 Download page*** Changelog: As it has been for months, no new changelog is given:(
AntiVirus, Firewalls and System Security
Attackers can turn Microsoft exploit defense tool EMET against itself
Read more: Attackers can turn Microsoft's exploit defense tool EMET against itself | PCWorld
Windows 10 News
Microsoft: Edge so secure they don't need EMET anti zero-day shield
Read more: Microsoft: Windows 10, Edge so secure they don't need our EMET anti zero-day shield | ZDNet See also: Enhanced Mitigation Experience Toolkit (EMET) for Windows 10 - Windows 10 Forums
Windows 10 News
Solved Malwarebytes Anti -Exploit
At the moment I'm using Bitdefender anti virus and Malwarebytes anti malware. Would it be advantageous to install the above program. I'm not sure I fully understand what this program is trying to do. I have read the description on their web site...
AntiVirus, Firewalls and System Security
Use Anti-Exploit Program to Help Protect Your PC From Zero-Day Attack
Source: Use an Anti-Exploit Program to Help Protect Your PC From Zero-Day Attacks For more information and download links, go to this thread: Latest Version Malwarebytes Anti Exploit
Windows 10 News
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 05:01.
Find Us
Twitter Facebook Google+



Windows 10 Forums