The Enhanced Mitigation Experience Toolkit (EMET) is a utility that helps prevent vulnerabilities in software from being successfully exploited. EMET achieves this goal by using security mitigation technologies. These technologies function as special protections and obstacles that an exploit author must defeat to exploit software vulnerabilities. These security mitigation technologies do not guarantee that vulnerabilities cannot be exploited. However, they work to make exploitation as difficult as possible to perform.The new EMET 4.0 also provides a configurable SSL/TLS certificate pinning feature that is called Certificate Trust. This feature is intended to detect man-in-the-middle attacks that are leveraging the public key infrastructure (PKI).
What's new in this version:
- Updated default protection profiles, Certificate Trust rules, and Group Policy Object configuration.
- Shared remote desktop environments are now supported on Windows servers where EMET is installed.
- Windows Event logging mechanism allows for more accurate reporting in multi-user scenarios.
- Addressed several application-compatibility enhancements and mitigation false positive reporting.