'New version of EMET is now available - Security Research & Defense'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       patchmanagement
Subject:    New version of EMET is now available - Security Research & Defense
From:       Susan Bradley <sbradcpa () pacbell ! net>
Date:       2011-05-18 22:21:40
Message-ID: 4DD44674.2020005 () pacbell ! net
[Download RAW message or body]

New version of EMET is now available - Security Research & Defense - 
Site Home - TechNet Blogs:
http://blogs.technet.com/b/srd/archive/2011/05/18/new-version-of-emet-is-now-available.aspx


Today we are pleased to announce a new version of the Enhanced 
Mitigation Experience Toolkit (EMET) with brand new features and 
mitigations. Users can click here to download the tool 
<http://go.microsoft.com/fwlink/?LinkID=200220&clcid=0x409> free of charge.

The Enhanced Mitigation Experience Toolkit enables and implements 
different techniques to make successful attacks on your system more 
difficult. EMET is designed to mitigate exploitation attempts (even of 
0-days) by making “current” exploitation techniques harder and less 
reliable. Users interested in finding out more about EMET can read more 
here <http://support.microsoft.com/kb/2458544>.

EMET has a proven track record of stopping real-life attacks, as we have 
detailed in our previous blog-posts here 
<http://blogs.technet.com/b/srd/archive/2010/09/10/use-emet-2-0-to-block-the-adobe-0-day-exploit.aspx> \
 , here 
<http://blogs.technet.com/b/srd/archive/2011/03/17/blocking-exploit-attempts-of-the-recent-flash-0-day.aspx> \
 and here 
<http://blogs.technet.com/b/srd/archive/2010/11/03/dep-emet-protect-against-attacks-on-the-latest-internet-explorer-vulnerability.aspx>.


This release marks a big milestone for EMET since this is the first 
version that is available as an officially-supported product. Support 
will be form based, with the on-line form available here 
<http://go.microsoft.com/fwlink/?LinkID=213962&clcid=0x409>.

Today’s release comes with some new features:

    * EMET is an officially-supported product through online forms
      <http://go.microsoft.com/fwlink/?LinkID=213962&clcid=0x409>
    * “Bottom-up Rand” new mitigation randomizes (8 bits of entropy) the
      base address of bottom-up allocations (including heaps, stacks,
      and other memory allocations) once EMET has enabled this mitigation.
    * Export Address Filtering is now available for 64 bit processes.
      EAF filters all accesses to the Export Address Table which blocks
      most of the existing shellcodes
    * Improved command line support for enterprise deployment and
      configuration
    * Ability to export/import EMET settings
    * Improved SEHOP (structured exception handler overwrite protection)
      mitigation
    * Minor bug fixes

I would like to thank Matt Miller for his work on EMET.

- Fermin J. Serna, MSRC Engineering



---
When posting or replying to messages on this list, please send all
emails in plain text format.  HTML formatted messages will not be accepted.

PatchManagement.org is hosted by Shavlik Technologies

To unsubscribe send a blank email to leave-patchmanagement@patchmanagement.org
If you are unable to unsubscribe via this email address, please email
owner-patchmanagement@patchmanagement.org


[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic