Microsoft releases technical preview of EMET 5.0

Microsoft is now letting anyone check out a technical preview of its Enhanced Mitigation Experience Toolkit 5.0, even as a security firm announced earlier this week that they have successfully bypassed the current 4.1 version.

Microsoft's release of the preview build of EMET 5.0 was timed to coincide with the annual RSA Conference this week. The application is supposed to help with stopping malware and exploits on Windows PCs that have yet to be patched by Microsoft. The 5.0 preview includes two new features to the program that will be put into the final version of the software. One of them is called Attack Surface Reduction, which is designed to fight off exploits caused by Java and Flash Player plug-ins. The other new feature is Export Address Table Filtering Plus, which adds some new capabilities to the existing EAF functions.

The EMET 5.0 preview is being released the same week as the security firm Bromium Labs publicly revealed they have been able to bypass the current 4.1 version of the software. While Microsoft did not mention this bit of news in their EMET 5.0 announcement, they did give thanks to Jared DeMott from Bromium Labs, among others, "for their collaboration" on the preview build. This would seem to suggest that version 5.0 will fix at least some of the exploits that were found in EMET 4.1.

Source: Microsoft | Image via Microsoft

Report a problem with article
Previous Story

Curious about Titanfall Xbox One Collector's Edition? Here's an unboxing video

Next Story

Microsoft might be cutting Windows Phone license price to OEMs by 70 percent too

4 Comments

One of them is called Attack Surface Reduction, which is designed to fight off exploits caused by Java and Flash Player plug-ins

ASR actually disables Flash Player, JAVA, and the VML Renderer in the Internet Zone, while allowing them to run in the Intranet Zone and Trusted Zone.

that's great for people who have to use JAVA on their intranet and are afraid of being infected by java flaws, especially if they still have to use the java 1.6 (which is no longer supported by oracle)

however, for most users, blocking Flash is a drastic measure, especially since there is no easy way to whitelist a site temporarily (unless you put it in the trusted zone, which is not recommended).

so if you want to use EMET5, you'll have to change registry settings to remove flash*.ocx from the list of DLLs to block.

I guess they'll provide a setting in their UI when EMET5 final is released.

anyway, ASR looks like an awesome feature.

link8506 said,

however, for most users, blocking Flash is a drastic measure, especially since there is no easy way to whitelist a site temporarily (unless you put it in the trusted zone, which is not recommended).
That's why Firefox is awesome

Commenting is disabled on this article.