
“For users who get attacked before the latest updates have been applied or who get attacked before an update is even available in cases such as 0 day attacks, the results can be devastating: malware, loss of PII, loss of business data etc. Security mitigation technologies are designed to make it impossible or more difficult for an attacker to exploit vulnerabilities in a given piece of software. EMET allows users to leverage these technologies on their system”.
When installed on target system and properly configured, it protects applications from known and zero day malware attacks.
EMET Provided Mitigations:
- Structure Exception Handler Overwrite Protection (SEHOP)
- Dynamic Data Execution Prevention (DEP)
- Heapspray Allocations
- Null page allocation
- Mandatory Address Space Layout Randomization (ASLR)
- Export Address Table Access Filtering (EAF)
- Bottom-up randomization
It works on any Windows version starting from XP SP 3 / Server 2003 SP 1.
However, it is not “out of the box” tool and require custom configuration and testing.I am running it on my machine and so far it did not do anything wrong.
EMET Info Page:
http://support.microsoft.com/kb/2458544
EMET Download:
http://www.microsoft.com/en-us/download/details.aspx?id=29851
EMET Support Page:
http://social.technet.microsoft.com/Forums/en/emet/threads
EMET protecting 0-day attacks on Adobe:
http://www.eweek.com/c/a/Security/Microsoft-Security-Tool-Mitigates-Adobe-Zeroday-Vulnerability-140681/
Redmondmag.com review:
http://redmondmag.com/articles/2012/05/15/microsoft-releases-emet-3-security-tool-for-windows.aspx