The Security Detail

May 25 2011   11:22AM GMT

Apply Modern Security to Legacy Software with EMET

Tony Bradley Tony Bradley Profile: Tony Bradley

Windows 7 is more secure than WIndows XP. Period. Likewise, Office 2010 is more secure than Office 2007. It is not that WIndows 7, or Office 2010, or any other new OS or application is magical, it is just the natural evolution of things. New technologies are introduced. New attack techniques are developed. Newer software incorporates features to mitigate those attack techniques.

Microsoft understands, though, that many businesses can’t just jump on the latest software every time there is a new release. Microsoft also recognizes that third-party vendors may drop the ball on some areas of application security. So, Microsoft developed EMET–Enhanced MItigation Experience Toolkit–to give IT admins the tools to apply modern security controls and attack mitigation to legacy operating systems and applications.

Recently, Microsoft rolled out a new release of EMET. A Microsoft Security Research & Defense blog post describes what’s new:

  • EMET is an officially-supported product through the online forum
  • “Bottom-up Rand” new mitigation randomizes (8 bits of entropy) the base address of bottom-up allocations (including heaps, stacks, and other memory allocations) once EMET has enabled this mitigation.
  • Export Address Filtering is now available for 64 bit processes. EAF filters all accesses to the Export Address Table which blocks most of the existing shellcodes
  • Improved command line support for enterprise deployment and configuration
  • Ability to export/import EMET settings
  • Improved SEHOP (structured exception handler overwrite protection) mitigation
  • Minor bug fixes
  •  Comment on this Post

    There was an error processing your information. Please try again later.
    Thanks. We'll let you know when a new response is added.
    Send me notifications when other members comment.

    Forgot Password

    No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

    Your password has been sent to:

    Share this item with your network: