EMET - A new Windows security mitigation toolkit

Hello,

Windows security: a review of Enhanced Mitigation Experience Toolkit (EMET), a whitelist-style security product by Microsoft designed to harden the system by applying a series of mitigation policies to the system and running applications. Finally, a security product worth examining. Do take a look.

http://www.dedoimedo.com/computers/windows-emet.html


Cheers,
Mrk

 

Your website is great. Thanks for all your hard work.

 

Thanks for good review of EMET

 

Thank you for your hard work.

 

Very well written and easy to understand, even for me.

Many of your other pages are also a must read, imho. Am now reading your "Group Policies - Beginners' guide", simple and to the point, and your writing style smoot things off nicely !

 

Very well written indeed

 

EMET is looking very interesting and I really like is approach to the security issue I will try it out with VMWARE and throw some malware code at it, Now I will play around

Best Regards and thanks to Mrkvonic.

 

Thanks Mrkvonic

 

My question is: it's possible to use this EMET together an HIPS ( I'm using CIS ) or there are some conflict risks ? Someone is trying ?

 

very good review, tnx m8!

 

Why would you want to do that?
The whole beauty is that it's transparent.
Mrk

 

Works fine, just don't use EMET on the HIPS.

 

I installed this yesterday and I have Private Firewall with HIPS and so far okay.

 

I went to microsoft site looking for a 64bit version for my daughter's computer.

 

EMET installer is compatible with x86 as well as x64. You do not need separate installer for 64bit.

 

Oh wow, thank you Boyfriend.

 

Mitigation. I love that word. Seriously.

 

I have just started using it . I have added Firefox,Foxit reader,IE9,windows media player and Km player to the list.It would be to nice to know what programs/ Configuration Recommendations other people are adding(without problem) so that beginners can learn and add.

 

See here (under Recommended applications to add)

 

Thanks That was useful.

 

Thanks, this is exactly what I was looking for

 

Thanks you very much I was also looking for this.

 

Win 7 VM.

Added mbam.exe to EMET protect list and installed the exe killing rogue Security Tool.

At one stage after installing the rogue and a reboot the vm bsod and at reset it booted into a new profile with minimal services running, no graphics or sound.

At a second run where there was no bsod the exe killing rogue still kills everything.

IMO a useless and dangerous tool.

 

I can't see how to get 'green' under the heading 'Running EMET'.
That whole column is empty.
Any ideas?
Happy Holidays.
Hugger

 

Add a program under EMET and then run that program. A green tick mark will appear in front of program name under 'Running EMET' column.