Microsoft has released a new version of its Enhanced Mitigation Experience Toolkit, a free download that gives IT staffs the ability to better defend against exploit attempts. The EMET now includes support, as well.
EMET is a toolkit that essentially is designed to add exploit mitigation technologies such as ASLR (Address Space Layout Randomization) and DEP (Data Execution Prevention) to applications that weren’t built with those technologies included. Microsoft started including these exploit mitigations to its own products a few years ago as part of its Trustworthy Computing initiative, but the EMET gives enterprises the opportunity to add them to any application.
“The Enhanced Mitigation Experience Toolkit (EMET) is a utility that
helps prevent vulnerabilities in software from being successfully
exploited. EMET achieves this by using security mitigation technologies.
These technologies function as special protections and obstacles that
an exploit author must defeat to exploit software vulnerabilities. These
security mitigation technologies do not guarantee that vulnerabilities
cannot be exploited. However, they work to make exploitation as
difficult to perform as possible. In many instances, a fully-functional
exploit that can bypass EMET may never be developed,” Microsoft says in the documentation for the toolkit.
In addition to the ability to add ASLR, DEP and SEHOP to older apps, the new version of the toolkit also includes some techniques designed to stop some specific exploitation techniques that attackers are using right now.
“The toolkit includes several pseudo mitigation technologies aimed at
disrupting current exploit techniques. These pseudo mitigations are not
robust enough to stop future exploit techniques, but can help prevent
users from being compromised by many of the exploits currently in use.
The mitigations are also designed so that they can be easily updated as
attackers start using new exploit techniques,” Microsoft said.
Microsoft originally pushed out EMET to IT departments last summer. Users can download the newest version of EMET here.