Microsoft EMET 5.2 released – Stop Malware in it’s tracks

EMETicon200-175

If you have endpoint security concerns you should do yourself a favor and look into Microsoft EMET 5.2. I am having early success in testing this and recommend you do the same. According to Microsoft, “There is no one tool capable of preventing all attacks. EMET is designed to make it more difficult, expensive and time consuming, and therefore less likely, for attackers to exploit a system.”

Here is an excerpt from the product download page:

The Enhanced Mitigation Experience Toolkit (EMET) is designed to help customers with their defense in depth strategies against cyberattacks, by helping detect and block exploitation techniques that are commonly used to exploit memory corruption vulnerabilities. EMET anticipates the most common actions and techniques adversaries might use in compromising a computer, and helps protect by diverting, terminating, blocking, and invalidating those actions and techniques. EMET helps protect your computer systems even before new and undiscovered threats are formally addressed by security updates and antimalware software. EMET benefits enterprises and all computer users by helping to protect against security threats and breaches that can disrupt businesses and daily lives.

Helps protect in a wide range of scenarios

EMET is compatible with most commonly used third-party applications at home and in the enterprise, from productivity software to music players. EMET works for a range of client and server operating systems used at home and in the enterprise**. When users browse secure HTTPS sites on the Internet or log on to popular social media sites, EMET can help further protect by validating Secure Sockets Layer (SSL) certificates against a set of user-defined rules.

emet list

Download it here: https://technet.microsoft.com/en-us/security/jj653751

In IT Security it helps to have a layered or “defense in depth” approach. I recommend you also look at Palo Alto “Traps” which is a more commercialized offering and has some unique improvements over what Microsoft is doing with EMET if you have budget for a tool.

Read more here: https://www.paloaltonetworks.com/products/endpoint-security.html