News

Microsoft's EMET 4.0 Security Tool Set for May 28 Release

After rolling out the fourth version of the Enhanced Mitigation Experience Toolkit (EMET) in beta form last month, Microsoft will be releasing the final product on May 28.

The free Microsoft security tool is designed to block known exploit techniques used in attacking high-targeted software. It also provides protection for software that is no longer being supported with official security updates. The toolkit works with all versions of Windows OS and Windows Server.

The release date of the fourth version of the toolkit was pushed back two weeks based on the feedback given to Microsoft from beta testers.

"We want to make product changes to address more of the feedback before we release EMET 4.0 to the world," wrote Elia Florio, an engineer with the Microsoft Security Response Center in a blog post. "So we decided to postpone the release of final version of EMET 4.0 by two weeks, to May 28th, 2013. We are sorry if this decision may interfere with your future plans of deploying EMET, but we prefer to take some extra time to work on all the feedback received and to release a product as reliable and safe as possible."

Included in an addressed community feedback was a flaw in the beta version that actually made certain exploits to be leveraged easier when Microsoft's security tool was runing. This, along with a number of other bugs discovered during the beta, will all be fixed by the release of the new version, according to Microsoft.

New for this year's version is a feature called Certificate Trust. According to Florio, this will allow for the creation of specific rules for SSL/TLS Web certificates that will help in lowering attacks hidden in untrusted or unverified Web certs.

"EMET 4.0 comes with Certificate Trust enabled by default, including a set of pre-configured websites for the most common domains used by Microsoft online services; nevertheless, since we believe that certificate pinning is a useful tool to detect MITM attacks targeting any domain and not just Microsoft services, we designed Certificate Trust totally configurable, in order to allow any user to configure custom pinning rules that will be enforced when browsing the web with Internet Explorer," said Florio.

Other notable changes to version 4.0 include:

  • EMET Notifier will gain new functionality and will change its name to EMET Agent.
  • Increased and in-depth reporting options.
  • Processes without an .exe extension will now be protected.
  • Default profiles for Certificate Trust and migrations.

For those wanting to test-drive the updated tool before its officially released on May 28, download the EMET 4.0 beta here.

About the Author

Chris Paoli (@ChrisPaoli5) is the associate editor for Converge360.

Featured

comments powered by Disqus

Subscribe on YouTube