Get on-the-go access to the latest insights featured on our Trustworthy Computing blogs.
Today we released a new version of our Enhanced Mitigation Experience Toolkit (EMET 4.0). EMET is a free mitigation tool designed to help IT Professionals and developers prevent vulnerabilities in software from being successfully exploited. The tool works by protecting applications via the latest security mitigation technologies built into Windows, even in cases where the developer of the application didn’t opt to do this themselves. By doing so, it enables a wide variety of software to be made significantly more resistant to exploitation – even against zero day vulnerabilities and vulnerabilities for which an update has not yet been applied.
EMET has been a very popular tool among customers trying to manage risk associated with insecure applications they have in their environments. Over the past year we have seen some attackers evolve their tactics in ways that we believe can be mitigated with a tool like EMET. We have also received feedback from a number of customers on how we could make EMET better fit their needs. This information has been invaluable in enhancing the latest version of the tool. EMET 4.0, released today, incorporates a number of new enhancements including protection against Man in the Middle attacks leveraging the Public Key Infrastructure (PKI), and hardening of Return-Oriented Programming (ROP) mitigations. This version also addresses known compatibility issues and is designed to work with our latest technologies such as Internet Explorer 10 and Windows 8. Here are more details on what’s new in this new version of EMET:
Of course these enhancements would not be possible without the great feedback from customers and the security community. For more information on this release, I encourage you to visit the Security Research and Defense blog.
Tim RainsDirectorTrustworthy Computing