EMET - A new Windows security mitigation toolkit

[Mrkvonic]

Hello,

Windows security: a review of Enhanced Mitigation Experience Toolkit (EMET), a whitelist-style security product by Microsoft designed to harden the system by applying a series of mitigation policies to the system and running applications. Finally, a security product worth examining. Do take a look.

http://www.dedoimedo.com/computers/windows-emet.html


Cheers,
Mrk

[ParadigmShift]

Your website is great. Thanks for all your hard work.

[Boyfriend]

Thanks for good review of EMET

[TheKid7]

Thank you for your hard work.

[ruinebabine]

Quote:

Originally Posted by Boyfriend

Thanks for good review of EMET

Very well written and easy to understand, even for me.

Many of your other pages are also a must read, imho. Am now reading your "Group Policies - Beginners' guide", simple and to the point, and your writing style smoot things off nicely !

[SweX]

Very well written indeed

EMET is looking very interesting and I really like is approach to the security issue I will try it out with VMWARE and throw some malware code at it, Now I will play around

Best Regards and thanks to Mrkvonic.

[gerardwil]

Thanks Mrkvonic

[blacknight]

My question is: it's possible to use this EMET together an HIPS ( I'm using CIS ) or there are some conflict risks ? Someone is trying ?

[moontan]

very good review, tnx m8!

[Mrkvonic]

Quote:

Originally Posted by blacknight

My question is: it's possible to use this EMET together an HIPS ( I'm using CIS ) or there are some conflict risks ? Someone is trying ?

Why would you want to do that?
The whole beauty is that it's transparent.
Mrk

[J_L]

Quote:

Originally Posted by blacknight

My question is: it's possible to use this EMET together an HIPS ( I'm using CIS ) or there are some conflict risks ? Someone is trying ?

Works fine, just don't use EMET on the HIPS.

[Rilla927]

I installed this yesterday and I have Private Firewall with HIPS and so far okay.

[Rilla927]

I went to microsoft site looking for a 64bit version for my daughter's computer.

[Boyfriend]

EMET installer is compatible with x86 as well as x64. You do not need separate installer for 64bit.

[Rilla927]

Oh wow, thank you Boyfriend.

[safeguy]

Mitigation. I love that word. Seriously.

[brainrb1]

I have just started using it . I have added Firefox,Foxit reader,IE9,windows media player and Km player to the list.It would be to nice to know what programs/ Configuration Recommendations other people are adding(without problem) so that beginners can learn and add.

[Dogbiscuit]

Quote:

Originally Posted by brainrb1

It would be to nice to know what programs/ Configuration Recommendations other people are adding(without problem) so that beginners can learn and add.

See here (under Recommended applications to add)

[brainrb1]

Quote:

Originally Posted by Dogbiscuit

See here (under Recommended applications to add)

Thanks That was useful.

[Rilla927]

Quote:

Originally Posted by Dogbiscuit

See here (under Recommended applications to add)

Thanks, this is exactly what I was looking for

[Boyfriend]

Quote:

Originally Posted by Dogbiscuit

See here (under Recommended applications to add)

Thanks you very much I was also looking for this.

[Franklin]

Win 7 VM.

Added mbam.exe to EMET protect list and installed the exe killing rogue Security Tool.

At one stage after installing the rogue and a reboot the vm bsod and at reset it booted into a new profile with minimal services running, no graphics or sound.

At a second run where there was no bsod the exe killing rogue still kills everything.

IMO a useless and dangerous tool.

[Hugger]

I can't see how to get 'green' under the heading 'Running EMET'.
That whole column is empty.
Any ideas?
Happy Holidays.
Hugger

[Boyfriend]

Add a program under EMET and then run that program. A green tick mark will appear in front of program name under 'Running EMET' column.