EMET 5.0 crashes Patch Tuesday party

Patch this and this and this and this

Microsoft has issued a new version of its Enhanced Mitigation Toolkit (EMET) to address a variety of compatibility issues in the system-hardening environment.

Version 5.1 fixed compatibility and Export Address Table Filtering Plus (EAF+) issues with security updates for 64-bit Internet Explorer version 11, Adobe Reader, Adobe Flash, and Mozilla Firefox on Windows 7 and 8.1

There were also user reports that it was causing security conflicts with older versions of Skype, which have now been fixed.

Users could simply disable EAF+ on EMET 5.0, but only at the expense of security, Microsoft staffer 'swait' wrote in a post.

"Certain mitigations have been improved and hardened to make them more resilient to attacks and bypasses," the staffer said.

A local telemetry feature was included that allowed memory dumps to be saved when attacks were blocked, they said.

It was unknown if the updated version closed off a bypass attack developed by the brains behind the Kali Linux platform.

"As we managed to successfully demonstrate, the difficulty in disarming EMET 5 mitigations has not increased substantially since version 4.x," the researchers wrote in October.

Redmond released EMET version 5 introducing Attack Surface Reduction to help corporate security apply usage policies or block Java, Flash Player and third-party browser plug-ins. It also sported an improved EAF and deep hooks mitigation by default.

It thanked fellow researchers Luca Davi, Daniel Lehmann, and Ahmad-Reza Sadeghi of Technical University Darmstadt and René Freingruber form SEC Consult.

Windows users should download the latest EMET version when possible. ®

Sponsored: Detecting cyber attacks as a small to medium business


Biting the hand that feeds IT © 1998–2020