Microsoft Releases EMET 2.0 Security Tool
Microsoft last week released the latest version of a free tool designed to help ward off attacks to legacy software.
Enhanced Mitigation Experience Toolkit (EMET) 2.0 aims to protect against commonly used hacking efforts. Rather than provide security patches against known exploits, it attempts to block or "mitigate" hacking techniques, based on six software technologies.
Software developers and IT professionals can use the tool to help protect older software against vulnerabilities, especially when there might not be a specific patch.
Typical candidates for such protection include Windows XP and Internet Explorer 6, which are aging products but still widely used. Those products lack some newer security technologies found in Windows 7 and IE 8. EMET 2.0 might also be used to help protect third-party applications and line-of-business apps that use those legacy Microsoft solutions, according to Microsoft's announcement.
The software technologies where the tool can provide some mitigation support were described by Microsoft back in July. Version 2.0 includes two new mitigations: Export Address Table Access Filtering and Mandatory Address Space Layout Randomization. Version 2.0 also features a graphical user interface to make the mitigations easier to see and manage.
The tool lets users apply mitigations on a particular software process. It provides a consistent user interface that doesn't depend on the underlying platform. Moreover, EMET 2.0 is not tied to a particular product, according to Microsoft. Updates can be added to the tool when newer mitigation technologies become available.
EMET 2.0 works with all supported Microsoft client and server operating systems, according to the Users Guide (PDF download). It works with 32-bit and 64-bit systems but some mitigations are not available with 64-bit systems. Installing the latest version will disable any earlier versions of the tool.
One caveat for users is that EMET 2.0 is not currently a supported Microsoft tool, but is offered "as is." It's available at the Microsoft Download Center here.
Kurt Mackie is online news editor for the 1105 Enterprise Computing Group.