EMET (Enhanced Mitigation Experience Toolkit)

Afaik, programs can opt out themselves as well, they can't if you set it to Always On.

 

This Microsoft article explains DEP and its mitigations in detail: http://blogs.technet.com/b/srd/archive/2009/06/05/understanding-dep-as-a-mitigation-technology-part-1.aspx.

I believe all EMET did pertaining to DEP was to allow DEP to be opted-in per process for apps not having the /NXCOMPT option set on as was required previously. There has been considerable discussion in this forum and other web sources if EMET's DEP is different than the OS DEP feature. If you read the DEP section in the EMET user manual, it implies this. I believe the consensus is that the OS DEP only applies to the primary app and not any sub-processes whereas EMET's opt-in feature will apply to any called sub-processes. At least that is what I have gleamed from the discussion.

I agree when you set DEP to "always on," you are essentially overriding all app EMET functionallity for DEP. Proof of this is evidenced by the DEP setting for all apps being set off in the EMET 4.0 GUI and the setting column greyed out and nonaccessible.

 

Thank you. I see that the answer to my question is that EMET DEP "Opt Out" is of the same strength as DEP "Always ON".

 

Thanks, Itman.

Yeah, I tweaked it out so it doesn't DEP warn in PotPlayer.

If anyone else is seeing or can explain why DEP is erasing files--let me know.

It makes no sense.

& Itman. Your problems reminds me of an extension I used in Fox which made searches more Omnibar-like. It would try to use Google instant and Google would see it hammering requests so would pop up a captcha/DDoS protection as you see when using TOR.

 

Well I have been running with recommended settings, all system mitigations opt-in, for some time without an IE9 crash due to EMET.dll, so I think I have that one resolved for now.

My best guess is something in EMET 4.0 doesn't like Emsisoft Anti-malware 8. Have no hard proof on that but it is the only realtime protection I use excluding the WIN 7 firewall. W.O.T still acts up at times primarily a slow initial start-up the first time I access IE9 after a cold boot. Also ratings display sputters at time but it has always done that as long as I can remember.

 

v 4.1 is out

 

Can I install on top of 4.0 ?
Edit: 4.1 installer installs in folder EMET 4.1. Old version was installed in EMET 4.0. So I removed old version and installed the new one.

 

Updated, thanks for the notification!

 

I believe there is no need to uninstall 4.0. On my PC 4.1 substituted 4.0 adopting its settings (only in "Mitigation Settings" it unchecked "Anti Detours" and "Banned Functions", I checked them again).

Then the folder "C:\Program Files (x86)\EMET 4.0" was replaced with corresponding folder for EMET 4.1.

I have to reboot PC twice to finish installation.

 

Great! Installed this and can't even get Firefox to launch. Too late too troubleshoot now. If I haven't figure it out by morning it's coming back off.

 

Th Enne.

 

And I though Patch Tuesday was finished after Windows Updates, Chrome, Flash, and Avast...

 

Uninstalled 4.0 and installed 4.1. No problems so far.

 

Installed over 4.0 without any problem.

 

Uninstalled 4 and installed 4.1. No issues.

However after enabling deep hooks option, i was not able to launch firefox or chrome. Disabling deep hooks option again resolved the issue. Perhaps you might want to see if its disabled or not. just my 2 cents

 

Chrome crashed again for me. I have had to remove it from the applications list. I am not sure if it is a SEHOP or EAF problem. I have tried disabling both and Chrome still crashes. Otherwise, I have no problem with the upgrade. There is no help on the Chrome forum or the EMET forum, re: Chrome crashes (older versions of EMET recommend disabling EAF, but from v4 onward, nothing).

 

Are there any popups from EMET when Chrome crashes?

 

Thanks for the tip. Unfortunately I hadn't enabled that so it is likely something else. I just installed EMET 4.1 on my laptop and it works fine. I have ESET Smart Security on the laptop and Norton Internet Security on the desktop. I'm wondering if it is the Norton browser plugins. I will have to test that later. If that is it I guess ESET will be going on both. That was likely coming anyway.

 

Did that also happen with Deep Hooks enabled in 4.0?

 

Just tried on a machine that still has 4.0. Doesn't seem to be a problem.

 

What's new?

Hmm, strange.

 

I haven't enabled it in 4.0, though i have been using EMET 4.0 for the last 2 weeks only.

I always used to have issues with firefox with few websites and so not used it before.

 

After some testing on another machine it does not appear to be the Norton plugins. Not sure what else if different. Will have to test it later when I have access to the machine with the problem.

 

No problems Chrome issues with checking all mitigations and deep hooks.

 

Hi Solarlynx. Not from EMET. I get the standard windows popup ... Chrome has stopped working. Program will be shutdown. When I remove the exec from the applications list in EMET and reboot, Chrome runs just fine. I am considering an uninstall and reinstall of EMET as all my upgrades have been write-overs (maybe something got corrupted somewhere and Chrome is being impacted by it). I see that others are OK with Chrome. Hope this is a straight forward uninstall (any guidance will be much appreciated).