What does EMET Enhanced Mitigation Experience Toolkit do exactly?

Discussion in 'other anti-virus software' started by nine9s, May 1, 2013.

Thread Status:
Not open for further replies.
  1. nine9s

    nine9s Registered Member

    Joined:
    Feb 8, 2013
    Posts:
    265
    Location:
    USA
    What does EMET do exactly? How does it add security to your system?

    I would think if it adds security and causes no problems, Microsoft would just add it as a feature of Windows by default, so I wonder if there are cons to it.

    What are Pro and more importantly Cons? Does it interfere with programs and cause problems for some legitimate programs and processes?

    Is it mainly for legacy software that is not updated, and not really beneficial to new actively updated software (Chrome for example)?
     
    Last edited: May 1, 2013
  2. xxJackxx

    xxJackxx Registered Member

    Joined:
    Oct 23, 2008
    Posts:
    4,047
    Location:
    USA
    I am sure there are others that will post more details about what it does (I don't care to explain when I know someone will post a link to a site or blog of some kind explaining it better than I can) but potential cons and the reason that it is not just included by default are potential compatibility issues. It will cause some programs to crash. Overall I find it best to replace those programs with something newer/better.
     
  3. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    2,969
    Location:
    U.S.A.
    Every PC has a unique hardware and software configuration. Even a given OS configuration can vary; fully patched, not patched at all, something in between. As such a sucessfull trouble free mass release of a low OS level tool such as EMET is impossible. A tool like EMET has to be monitored and "tweaked" in stages. EMET in it's present form is designed for IT pros, techies, and system administators.
     
  4. Dogbiscuit

    Dogbiscuit Guest

    It offers some protection from zero-day attacks.

    See here.
     
    Last edited by a moderator: May 2, 2013
  5. The Red Moon

    The Red Moon Registered Member

    Joined:
    May 17, 2012
    Posts:
    3,871
    On side note:
    Kaspersky uses EMET technology in its security suite.
     
  6. 3x0gR13N

    3x0gR13N Registered Member

    Joined:
    May 1, 2008
    Posts:
    754
    No, it's basing its exploit prevention on ASLR, not EMET.
     
  7. nine9s

    nine9s Registered Member

    Joined:
    Feb 8, 2013
    Posts:
    265
    Location:
    USA
    So if you use Kaspersky IS, EMET would be redundant or a waste or possibly conflict?
     
  8. The Red Moon

    The Red Moon Registered Member

    Joined:
    May 17, 2012
    Posts:
    3,871
    I did not say it uses EMET.I said it uses EMET like technology.
     
  9. The Red Moon

    The Red Moon Registered Member

    Joined:
    May 17, 2012
    Posts:
    3,871
    If you are using kaspersky then you do not need EMET.

    That is way overboard.
     
  10. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,746
    Location:
    Texas
  11. xxJackxx

    xxJackxx Registered Member

    Joined:
    Oct 23, 2008
    Posts:
    4,047
    Location:
    USA
    Is there some place I can get more information on this?
     
  12. 3x0gR13N

    3x0gR13N Registered Member

    Joined:
    May 1, 2008
    Posts:
    754
    Kasperskys Automatic exploit prevention detect exploits after they have exploited the vulnerability and started executing the payload whereas EMET prevents the exploit from even exploiting the vulnerability in the program. Hence, you can use them together, they protect against the same thing but with different protection implementation and won't conflict. KIS AEP is similar to ExploitShield, it doesn't prevent exploits from occurring but detects the payload (and correlates it with the exploit that occurred previously) and prevents it from infecting the machine.

    He probably concluded that because of abovementioned Automatic exploit prevention in KIS.
    http://www.kaspersky.com/downloads/pdf/kaspersky_lab_whitepaper_automatic_exploit_prevention_eng_final.pdf
     
  13. xxJackxx

    xxJackxx Registered Member

    Joined:
    Oct 23, 2008
    Posts:
    4,047
    Location:
    USA
    Thanks for clearing that up.
     
  14. nine9s

    nine9s Registered Member

    Joined:
    Feb 8, 2013
    Posts:
    265
    Location:
    USA
  15. xxJackxx

    xxJackxx Registered Member

    Joined:
    Oct 23, 2008
    Posts:
    4,047
    Location:
    USA
    I would skip the 3.5 at this point. Do the 3.0 or the 4.0 beta.
     
Loading...
Thread Status:
Not open for further replies.