News

Microsoft Releases EMET 3.0 Security Tool for Windows

Microsoft today released its latest anti-exploit tool that's designed to add security for various software programs running on Windows systems.

The free Enhanced Mitigation Experience Toolkit 3.0 (EMET 3.0) can be downloaded here. It offers a general protection approach to thwarting exploit code from hackers. The toolkit works with all currently supported versions of Windows, both server and client, and even has been tested successfully with the Windows 8 consumer preview beta, according to Microsoft's announcement.

Instead of blocking specifically known exploits or providing security patches, the toolkit is designed to block or "mitigate" known hacking techniques used on software technologies. Microsoft describes the toolkit as a bundle of "pseudo-mitigation technologies," and claims that the toolkit even can help to protect older software that lacked certain security protections.

"The toolkit includes several pseudo mitigation technologies aimed at disrupting current exploit techniques," Microsoft's download page explains. "These pseudo mitigations are not robust enough to stop future exploit techniques, but can help prevent users from being compromised by many of the exploits currently in use."

EMET used to be known as an "unsupported" Microsoft tool, meaning that it had not undergone extensive testing at Microsoft. However, with version 3.0, Microsoft is now saying that EMET is officially supported. Moreover, Microsoft took efforts with this version to make the tool more user friendly for enterprise environments. For instance, EMET 3.0 now can be deployed, monitored and managed using Group Policy and Microsoft System Center Configuration Manager.

One new reporting improvement added to EMET 3.0 is called the "notifier," which starts with Windows and writes information to the Windows event log. Events get flagged in the application log, but important events also are shown in the taskbar notification area. The tool will log an error message in the taskbar when an exploit is blocked, listing the application that was stopped.

EMET 3.0 also includes a configuration improvement for accessing protection profiles. Protection profiles are XML files used to help protect applications. Microsoft ships EMET with three default protection profiles: one for Internet Explorer, one for Microsoft Office and a third for "common home and enterprise applications." With version 3.0, Microsoft allows IT pros to point to these protection profiles, or custom ones, using wildcard characters, such as the "*" symbol. IT pros don't have to type the whole URL path to the protection profile to protect an app.

EMET 3.0 can be installed on top of the previous 2.1 release and existing rules that were created should still work, according to Suha Can of the Microsoft Security Response Center engineering team, in Microsoft's announcement.

Additional help for EMET can be found a Microsoft's support forum page.

About the Author

Kurt Mackie is senior news producer for 1105 Media's Converge360 group.

Featured

  • Microsoft Warns IT Pros on Windows Netlogon Fix Coming Next Month

    Microsoft on Thursday issued a reminder to organizations to ensure that their systems are properly patched for a "Critical"-rated Windows Netlogon vulnerability before next month's "update Tuesday" patch distribution arrives.

  • Microsoft Nudging Skype for Business Users to Teams

    Microsoft on Thursday announced some perks and prods for Skype for Business unified communications users, with the aim of moving them to the Microsoft Teams collaboration service instead.

  • How To Improve Windows 10's Sound and Video Quality

    Windows 10 comes with built-in tools that can help users get the most out of their sound and video hardware.

  • Microsoft Offers More 'Solorigate' Advice Using Microsoft 365 Defender Tools

    Microsoft issued yet another article with advice on how to use its Microsoft 365 Defender suite of tools to protect against "Solorigate" advanced persistent threat types of attacks in a Thursday announcement.

comments powered by Disqus