Microsoft is presenting Microsoft Enhanced Mitigation Experience Toolkit (EMET) as a very efficient additional security features. EMET is targeting for system administrators and any others Windows users, any one can use EMET as additional security features without knowing to much. EMET can also help to secure outdated Windows XP.
What really is EMET ?
Microsoft’s Enhanced Mitigation Experience Toolkit (EMET) is a free Windows-based security tool that adds supplemental protection to your system and third-party applications.
EMET works on all Windows versions and it’s even recommended to use it on Windows XP, as Windows XP is not supported anymore and it’s not the most secured.
EMET uses 12 specific mitigation techniques that will prevent exploits related to memory corruption and making harder for attackers to find and exploit vulnerabilities, like Data execution prevention which precents code in your system to work incorrectly, Mandatory address space layout randomization – which makes hard to find specific address in a system’s memory for security reasons.Structured exception handler overwrite protection – a mitigation that blocks exploits that attempt to exploit stack overflows, Anti-Return Oriented Programming – which prevents hacker to bypass DEP.
Secure Popular Applications with EMET
1Download the Enhanced Mitigation Experience Toolkit (EMET) from Microsoft and install it. Download EMET Here
2Select the Use Recommended Settings option which will protect the most used programs like: Internet Explorer, Microsoft Office, Adobe Reader, Java plug-in.
3Launch the EMET GUI from Start menu. Click the Import button at the top-left corner of the screen and select the Popular Software.xml file and import it. This file will add additional rules to help protecting popular third-party programs like Chrome, Firefox, Skype, iTunes, Photoshop, Thunderbird, Pidgin, VLC, WinRAR, 7-Zip and some more.
How Does EMET Work?
Microsoft started adding additional security features applications that could take advantage over Windows XP security problems. Data Execution Prevention (DEP) was one added by Microsoft, it allows the operating system to mark certain sections of memory as non-executable data. If a hacker can get access to buffer overflow vulnerability in an application and attempts to run code from a sector marked as data, the operating system will not run it. This type of applications help to protect a system from being exploited, even if attackers find a security hole in the application.
Windows enables these features by default for its own system programs, but for third-party application usually these features are not enabled and Windows runs applications without these security features.
EMET provides a way to turn on DEP, ASLR, and some more security features for applications that don’t specifically request them. EMET can help your third-party application very easy.