Malwarebytes Anti Exploit and EMET

Discussion in 'other anti-malware software' started by Senhor_F, Mar 4, 2014.

Thread Status:
Not open for further replies.
  1. DR_LaRRY_PEpPeR, Registered Member (Joined: Oct 11, 2012; Posts: 141; Location: St. Louis area)

    I know, but things that are merely an interface for configuring OS mitigations don't really count. ;) e.g. EMET doesn't implement those things, just Mandatory ASLR. Mandatory ASLR could be done on XP fine as well (no issue at all), just that it (as in Vista+) would only apply to DLLs loaded at runtime, not by the Windows loader before runtime, but the main reason it's "useless" from EMET's view (and is mostly true) is because without ASLR on XP, the address of GetModuleHandle/GetProcAddress and other stuff is always known, so anything in a Mandatory ASLR'd DLL could easily be found anyway. Although if an exploit didn't use that stuff, it's possible it could prevent something if a runtime-loaded DLL wasn't at an expected location on XP. (I was thinking recently if I could make a Sandboxie InjectDLL that could prevent some of that, but I'm not sure if it would be much real use...)

    Your second point: Yeah, I guess... But hopefully EMET on XP (or MBAE with any memory protections) can prevent an exploit from succeeding before it's at the point of trying to bypass [XP's nonexistent] ASLR?! :eek:
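
Added example, not part of the original post and not code from EMET or MBAE: a header check that tells a defender which DLLs never opted in to ASLR (no /DYNAMICBASE flag) and so change address only when something like the Mandatory ASLR discussed above forces a rebase. The function names and the sample header bytes are constructed for illustration; the constants and offsets come from the PE/COFF format.

```python
import struct

# Flag values from the PE/COFF specification.
RELOCS_STRIPPED = 0x0001   # IMAGE_FILE_RELOCS_STRIPPED (file header Characteristics)
DYNAMIC_BASE = 0x0040      # IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE (/DYNAMICBASE)

def aslr_status(image: bytes) -> str:
    """Return 'opt-in', 'forced-only' or 'fixed' from a PE image's headers."""
    if len(image) < 0x40 or image[:2] != b"MZ":
        raise ValueError("not an MZ image")
    (pe,) = struct.unpack_from("<I", image, 0x3C)             # e_lfanew
    if image[pe:pe + 4] != b"PE\0\0" or len(image) < pe + 24 + 72:
        raise ValueError("missing or truncated PE header")
    (file_chars,) = struct.unpack_from("<H", image, pe + 22)  # Characteristics
    (magic,) = struct.unpack_from("<H", image, pe + 24)       # optional header
    if magic not in (0x10B, 0x20B):                           # PE32 / PE32+
        raise ValueError("unknown optional header magic")
    # DllCharacteristics sits at offset 70 in both PE32 and PE32+.
    (dll_chars,) = struct.unpack_from("<H", image, pe + 24 + 70)
    if dll_chars & DYNAMIC_BASE:
        return "opt-in"       # randomized by the OS itself where the OS has ASLR
    if file_chars & RELOCS_STRIPPED:
        return "fixed"        # no relocation data, so it cannot be moved at all
    return "forced-only"      # moves only when a rebase is forced on it

def sample_headers(file_chars: int, dll_chars: int, magic: int = 0x10B) -> bytes:
    """Constructed input: only the header fields aslr_status() reads are set."""
    dos = b"MZ" + bytes(0x3A) + struct.pack("<I", 0x40)
    coff = struct.pack("<HHIIIHH", 0x14C, 0, 0, 0, 0, 0xE0, file_chars)
    opt = bytearray(0xE0)
    struct.pack_into("<H", opt, 0, magic)
    struct.pack_into("<H", opt, 70, dll_chars)
    return dos + b"PE\0\0" + coff + bytes(opt)

if __name__ == "__main__":
    # 0x2102 = EXECUTABLE_IMAGE | 32BIT_MACHINE | DLL; 0x0140 = DYNAMIC_BASE | NX_COMPAT
    for label, chars, dllc in [("modern DLL", 0x2102, 0x0140),
                               ("legacy DLL", 0x2102, 0x0000),
                               ("stripped DLL", 0x2103, 0x0000)]:
        print(label, "->", aslr_status(sample_headers(chars, dllc)))
```

To audit real files, pass the first few hundred bytes of each DLL to `aslr_status()`; anything reported as `forced-only` or `fixed` loads at a predictable address unless a rebase is forced.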
     
  2. bellgamin, Registered Member (Joined: Aug 1, 2002; Posts: 8,102; Location: Hawaii)

    Please comment on HitMan Pro Alert as well. Is it in the same genre as MBAE, EMET, et alia?

    Also, how is Open EMET progressing, do you know?
     