• We’re currently investigating an issue related to the forum theme and styling that is impacting page layout and visual formatting. The problem has been identified, and we are actively working on a resolution. There is no impact to user data or functionality, this is strictly a front-end display issue. We’ll post an update once the fix has been deployed. Thanks for your patience while we get this sorted.

Microsoft EMET security enhancement utility

mechBgon

mechBgon

Super Moderator<br>Elite Member
Microsoft came out with a free utility called EMET. You can use it to control Windows security options, and to "harden" any programs you want to make more difficult to exploit.

EMET is currently at revision 2.0. It works on WinXP, Vista and Win7, and is available here:
http://www.microsoft.com/downloads/en/details.aspx?FamilyID=4a8a9171-5a11-4d58-aa34-95c855f69c39

I suggest this set of system options (WinXP will only have DEP available):
emet_1.png


You can also protect any apps you want. Your "hit list" should include:
  1. your PDF software
  2. your Sun Java if you have Java
  3. every web browser on the system (64-bit Windows has two instances of iexplore.exe, by the way, one in Program Files and one in Program Files (x86))
  4. your office software apps (Word, Excel, PowerPoint, Publisher, etc or their OpenOffice counterparts)
  5. Your VoIP and IM programs
  6. your media players (QuickTime, VLC, WMP, RealPlayer, whatever)

This is how my app protection list looks at the moment:
emet_2.png
 
Last edited:
Wow thanks for this,

Couple of questions, I'll assume you are using it now:
1) What does "harden" mean? Is it adding another layer of permissions? Does is prevent scripts running or modifying of existing programs?

2) Does it run constantly in the background or does it just add another layer over the programs you select?

3) Once installed is it relatively hassle free?

Thanks again,
 
1) down this page a ways, they describe the mitigations in version 2.0. They're aimed at mitigating vulnerabilities in the code itself by applying modern mitigation techniques to stuff, whether it was compiled to work that way or not, basically.

2) As far as I'm aware, EMET just does its thing momentarily when launching a protected program, and then it's done. It doesn't have to run all the time.

3) Yeah, the main hassle I ran into was when I set DEP to "Always On" instead of "Application Opt-Out." I have a creaky old image-editing program that crashes if DEP is applied to it, so I'd allowed it an exception, but the "Always On" setting allows no exceptions. Other than that, it's been smooth sailing so far.
 
You must log in or register to reply here.

TRENDING THREADS

Back
Top