Microsoft’s Enhanced Mitigation Experience Toolkit

Written on January 12, 2011 by Adam Eve

Microsoft's Enhanced Mitigation Experience Toolkit (EMET) aims to harden Windows applications against exploits while a patch is still under way. Every Windows PC user should have it on their desktop.

A new zero-day hole in all versions of Windows has been spotted! The flaw occurs when an attacker exploits uninitialized memory during a CSS function in Internet Explorer. Under certain conditions, an attacker can leverage that memory with the help of a customized website. Similar holes have been discovered in the past in applications like Adobe Reader, Adobe Flash, and Apple's QuickTime. And while users are waiting for the patch, Microsoft's Enhanced Mitigation Experience Toolkit (EMET) is here to help them.

EMET is a simple but powerful configuration utility that lets users harden their Windows applications. A couple of months ago, Microsoft released the second version of EMET, which runs on all supported Windows client and server editions. The toolkit offers a straightforward, clean interface that works with multiple Windows versions. It provides users with granular control over Data Execution Prevention (DEP). Hardware-enforced DEP prevents the execution of code in memory locations that should contain only data. With the help of EMET, users can turn on DEP for applications that were not originally compatible with the feature.

EMET can be used to overcome Address Space Layout Randomization (ASLR), a feature that is designed to prevent attackers from jumping to predictable addresses and exploiting vulnerable code. The only drawback of ASLR is that it only works on a per-process basis. EMET can also block common “heap spraying” techniques and validate exceptions before calling a handler.
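A Windows binary declares its own DEP and ASLR opt-in through two DllCharacteristics flags in its PE header, so checking those flags shows which applications were built without them. The following is an added example, not part of the original article or of EMET; the function names and the sample headers are constructed for illustration.

```python
import struct

# IMAGE_OPTIONAL_HEADER.DllCharacteristics bits from the PE/COFF format
DYNAMIC_BASE = 0x0040  # image opts in to ASLR (linker /DYNAMICBASE)
NX_COMPAT = 0x0100     # image opts in to DEP (linker /NXCOMPAT)


def mitigation_optins(pe_bytes):
    """Return {'aslr': bool, 'dep': bool} as declared in a PE image's headers."""
    if len(pe_bytes) < 0x40 or pe_bytes[:2] != b"MZ":
        raise ValueError("not a PE file: missing MZ header")
    (e_lfanew,) = struct.unpack_from("<I", pe_bytes, 0x3C)
    # PE signature (4) + COFF header (20) + optional header through offset 71
    if e_lfanew + 24 + 72 > len(pe_bytes):
        raise ValueError("truncated PE headers")
    if pe_bytes[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    (opt_size,) = struct.unpack_from("<H", pe_bytes, e_lfanew + 20)
    opt = e_lfanew + 24
    (magic,) = struct.unpack_from("<H", pe_bytes, opt)
    if magic not in (0x10B, 0x20B) or opt_size < 72:
        raise ValueError("unsupported or too-short optional header")
    # DllCharacteristics sits at offset 70 in both PE32 and PE32+
    (flags,) = struct.unpack_from("<H", pe_bytes, opt + 70)
    return {"aslr": bool(flags & DYNAMIC_BASE), "dep": bool(flags & NX_COMPAT)}


def constructed_image(flags):
    """Constructed sample input: a minimal PE32 header carrying the given flags."""
    buf = bytearray(0x80 + 24 + 96)
    buf[:2] = b"MZ"
    struct.pack_into("<I", buf, 0x3C, 0x80)        # e_lfanew
    buf[0x80:0x84] = b"PE\0\0"
    struct.pack_into("<H", buf, 0x80 + 20, 96)     # SizeOfOptionalHeader
    struct.pack_into("<H", buf, 0x80 + 24, 0x10B)  # PE32 magic
    struct.pack_into("<H", buf, 0x80 + 24 + 70, flags)
    return bytes(buf)


if __name__ == "__main__":
    samples = {"legacy build": 0, "hardened build": DYNAMIC_BASE | NX_COMPAT}
    for name, flags in samples.items():
        print(name, mitigation_optins(constructed_image(flags)))
```

To audit a real application, pass the bytes of its .exe or .dll file to `mitigation_optins`; a result with either value False marks a binary that did not opt in on its own.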

Although the current version of EMET is not convenient for enterprise settings, its installation is straightforward on an individual Windows PC. The only prerequisite is an installed Microsoft .NET Framework 2.0 for Windows XP and Windows Server 2003. Users can get EMET via download, and they can visit ZDNet for the installation guide.

If you’ve already given the second version of EMET a spin, share your findings by leaving a comment.

