1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Widespread exploits evade protections enforced by Microsoft EMET

Discussion in 'CSO' started by RSS, Jun 6, 2016.

  1. RSS

    RSS New Member Member

    It's bad news for businesses. Hackers have launched large-scale attacks that are capable of bypassing the security protections added by Microsoft's Enhanced Mitigation Experience Toolkit (EMET), a tool whose goal is to stop software exploits.

    Security researchers from FireEye have observed Silverlight and Flash Player exploits designed to evade EMET mitigations such as Data Execution Prevention (DEP), Export Address Table Access Filtering (EAF) and Export Address Table Access Filtering Plus (EAF+). The exploits have been recently added to the Angler exploit kit.

    Angler is one of the most widely used attack tools used by cybercriminals to launch Web-based, "drive-by" download attacks. It is capable of installing malware by exploiting vulnerabilities in users' browsers or browser plug-ins when they visit compromised websites or view maliciously crafted ads.

    To read this article in full or to leave a comment, please click here

    Continue reading...

Share This Page