1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Attackers can turn Microsoft's exploit defense tool EMET against itself

Discussion in 'CSO' started by RSS, Feb 24, 2016.

  1. RSS

    RSS New Member Member

    Hackers can easily disable the Microsoft Enhanced Mitigation Experience Toolkit (EMET), a free tool used by companies to strengthen their Windows computers and applications against publicly known and unknown software exploits.

    Researchers from security vendor FireEye have found a method through which exploits can unload EMET-enforced protections by leveraging a legitimate function in the tool itself.

    Microsoft patched the issue in EMET 5.5, which was released on Feb. 2. However, it's likely that many users haven't upgraded yet, because the new version mainly adds compatibility with Windows 10 and doesn't bring any new significant mitigations.

    To read this article in full or to leave a comment, please click here

    Continue reading...
     

Share This Page