EMET 5.0 crashes Patch Tuesday party
Patch this and this and this and this
Microsoft has issued a new version of its Enhanced Mitigation Toolkit (EMET) to address a variety of compatibility issues in the system-hardening environment.
Version 5.1 fixed compatibility and Export Address Table Filtering Plus (EAF+) issues with security updates for 64-bit Internet Explorer version 11, Adobe Reader, Adobe Flash, and Mozilla Firefox on Windows 7 and 8.1
There were also user reports that it was causing security conflicts with older versions of Skype, which have now been fixed.
Users could simply disable EAF+ on EMET 5.0, but only at the expense of security, Microsoft staffer 'swait' wrote in a post.
"Certain mitigations have been improved and hardened to make them more resilient to attacks and bypasses," the staffer said.
A local telemetry feature was included that allowed memory dumps to be saved when attacks were blocked, they said.
It was unknown if the updated version closed off a bypass attack developed by the brains behind the Kali Linux platform.
"As we managed to successfully demonstrate, the difficulty in disarming EMET 5 mitigations has not increased substantially since version 4.x," the researchers wrote in October.
Redmond released EMET version 5 introducing Attack Surface Reduction to help corporate security apply usage policies or block Java, Flash Player and third-party browser plug-ins. It also sported an improved EAF and deep hooks mitigation by default.
It thanked fellow researchers Luca Davi, Daniel Lehmann, and Ahmad-Reza Sadeghi of Technical University Darmstadt and René Freingruber form SEC Consult.
Windows users should download the latest EMET version when possible. ®