1. Joined : Oct 2013
    Posts : 17,445
    64-bit Windows 10 Pro build 15014
       24 Feb 2016 #1

    Attackers can turn Microsoft exploit defense tool EMET against itself


    Hackers can easily disable the Microsoft Enhanced Mitigation Experience Toolkit (EMET), a free tool used by companies to strengthen their Windows computers and applications against publicly known and unknown software exploits.

    Researchers from security vendor FireEye have found a method through which exploits can unload EMET-enforced protections by leveraging a legitimate function in the tool itself.

    Microsoft patched the issue in EMET 5.5, which was released on Feb. 2. However, itís likely that many users havenít upgraded yet, because the new version mainly adds compatibility with Windows 10 and doesnít bring any new significant mitigations.

    First released in 2009, EMET can enforce modern exploit mitigation mechanisms like Data Execution Prevention (DEP), Address Space Layout Randomization (ASLR) or Export Address Table Access Filtering (EAF) to applications, especially legacy ones, that were built without them. This makes it much harder for attackers to exploit vulnerabilities in those applications in order to compromise computers....


    Read more: Attackers can turn Microsoft's exploit defense tool EMET against itself | PCWorld
      My System SpecsSystem Spec


  2. Joined : Apr 2014
    Posts : 3,313
    W10 Pro x64/W7 Ultimate x64 dual boot main - W10 Pro Insider Preview/W7 Pro x64 - remote pc
       26 Feb 2016 #2

    I wonder if this would also be something to consider for use on personal as well as business systems as an additional protection measure? It does show that someone will always be trying to break something MS puts out!
      My System SpecsSystem Spec


  3. Joined : Mar 2016
    Posts : 4
    windows 10
       01 Apr 2016 #3

    Thank you for the news.
    So now (w10 user here ) the vulnerability is fixed?
    Thank you
      My System SpecsSystem Spec

  4.    01 Apr 2016 #4

    My reading of the info is that if you run the latest version of EMET, you are not subject to the reported vulnerability. That latest version is numbered 5.5, and you can download it from the Microsoft Download Center.

    EMET has been available for free from MS for some time now. It is recommended for use on all modern Windows clients as a best practice by the MS in-house Security team, and by many third-party experts including Larry Seltzer and Ed Skoudis (both well-known Windows security and malware experts).

    I've been running it on my clients since the early part of this decade (I first blogged about it in September 2012) and it hasn't posed any stability or behavior problems or caused any appreciable performance issues that I've noticed.

    HTH,
    --Ed--
      My System SpecsSystem Spec


  5. Joined : Feb 2015
    Bamberg Germany
    Posts : 12,921
    Microsoft Windows 10 Pro 64-bit 14393 Multiprocessor Free
       01 Apr 2016 #5
      My System SpecsSystem Spec


 


Similar Threads
Thread Forum
Microsoft: Edge so secure they don't need EMET anti zero-day shield
Read more: Microsoft: Windows 10, Edge so secure they don't need our EMET anti zero-day shield | ZDNet See also: Enhanced Mitigation Experience Toolkit (EMET) for Windows 10 - Windows 10 Forums
Windows 10 News
Solved Microsoft: Windows 10, Edge so secure they don't need our EMET
Microsoft: Windows 10, Edge so secure they don't need our EMET anti zero-day shield | ZDNet
AntiVirus, Firewalls and System Security
Comodo Defense + & Windows Defender are both off, won't turn on
I have Comodo's free protection installed. Since I installed Windows 10, I keep getting a periodic pop-up message at the lower right of my screen telling me that both Comodo Defense + and Windows Defender are turned off. When I go to the Security...
AntiVirus, Firewalls and System Security
18-year-old Windows bug allows attackers to harvest credentials
18-year-old Windows bug allows attackers to harvest credentials - TechRepublic
AntiVirus, Firewalls and System Security
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd

All times are GMT -5. The time now is 15:14.
Find Us
Twitter Facebook Google+



Windows 10 Forums