Welcome to the world of DEP and ASLR
If you can provide information about an actual In-the-wild exploit or information regarding a researcher performing a remote exploitation demo on...
(For now) I don't see any need for sandboxing games or adding them to MBAE. You will only create compatibility issues. Currently I am not aware of...
Well, actually I took the piece of advise to disable the embedding of fonts from the MS14-058 advisory (The cve-2014-4148 patch) itself. ;)...
I agree with you on that part, but I think that writing exploits purely based on AV's is just an immense waste of money.
One of the ways of infecting a host was by using CVE-2014-4148, This is was a TTF 0day which allowed an attacker to gain instant SYSTEM access. I...
I will tell you a secret: EMET is also an anti-exploit tool. Most of the mitigations present in EMET are also present in MBAE and HMPA.
I do not know whether Waterfox is protected by the free version of MBAE.
Exploiting 64-bit Google Chrome is more likely harder than any other browser. Furthermore, no one has ever captured a Chrome zero-day that was...
TL ; DR: He used syscalls to bypass the hooks. (syscalls have already been used back in 2012 to bypass EMET:...
Will there be any new features in the new 3.1 release?
I do not know which libraries are loaded at a randomized location. If the implementation is similar to the pseudo-ASLR implementation in HMPA then...
I don't see why the benefits of EMET 4.1 should be limited on Windows XP. MBAE basically comes down EMET 4.1 + application hardening...
Sorry to bother you, but if you run IE6 then this means that you're running Windows XP SP2 or lower. Supporting every old browser is impossible.
As far as I know, running multiple mitigation tools alongside each other does not decrease your level of protection, but it can certainly cause...
Correct, although I didn't mention it on purpose because I don't know whether that update would be forced or would only show a pop-up.
The only thing I know for sure is that CryptoGuard v2 won't protect against the latest versions of crypto-ransomware. I do not know whether you...
I am aware of that ;) I was only referring to the fact that all mitigations in EMET are also present in HitmanPro.Alert 3 and to the fact that the...
The only mitigation that is available in EMET 5.2 and not in HMPA that could be a valuable addition is EAF+. All the other mitigations available...
I normally try to begin an answer to such a question with "it depends", so here we go. It depends on what you consider 'decent economic malware...
v2 has been replaced by v3. Furthermore, the CryptoGuard technology in v2 is not able to stop the current generation of crypto-ransomware. Alert 3...
Please define 'odd'.
You can always use EMET on software that is not protected by MBAE. Although I would not bother about the Java protection, the last vulnerabilities...
I still think that common sense and system hardening are two different things, but that is my opinion. At least it makes exploitation harder, but...
It's free
Separate names with a comma.
