EMET 5.2

Product name
EMET 5.2 Stable version
Pros
  • -You don't need the source code of any program. EMET, unlike technologies such as DEP (Data Execution Prevention), does not require an application's source code and later Its rebuilding.
    -Very flexible Configuration. EMET offers the possibility to implement policies to reduce the risk to individual applications or specific processes. There is therefore no need to activate EMET protection on an entire suite of programs but action can be narrowed to a single software component.
    -Possibility to "strengthen" the older applications. Emet is designed to protect especially those programs that sometimes are no longer supported by the manufacturer. .
    -EMET resists pretty well to attacks and attempts at bypassing.
    -It uses Address Space Layout Randomization (ASLR) and Data Execution Prevention (DEP) and Structured Exception Handler Overwrite Protection (SEHOP) and allows to detect and block attacks that rely on technique ROP (return-oriented programming), frequently used to overcome DEP, and prevent "man-in-the-middle attacks aimed at altering the encrypted communications through the use of SSL.
    -It is compatible with most commonly used third-party applications (with exceptions)
CONS
-EMET_Agent uses 17,5 MB Ram on my system, compared to MBAM.
-On advanced configuration an average user, in my opinion, may not understand any changes in the configuration.
-It is necessary to restart the computer to apply the changes
-Possibility of conflict with some applications: the technologies used by EMET include a risk related to application compatibility. Some applications rely on the behavior that was blocked by attenuations
-It requires Microsoft .NET Framework 4.0. Also, for EMET functions with Internet Explorer on Windows 8 and 10 Windows Server 2012, KB2790907 or a more recent version of the compatibility update for Windows 8 or Windows Server 2012 must be installed.
BOTTOM LINE
EMET is a software that can mitigate the consequences of the "zero day" attacks: those attacks that began in "zero day" immediately after the discovery of a vulnerability.
Attacks using zero-day vulnerability can cause a lot of damage because the manufacturer of the "fall" application has not yet issued a corrective patch.
I was impressed but as happens in this type of security products isn't easy to test the real effectiveness.
L

LabZero

Thread author
Test performed on Windows 7 Pro SP1 x64.

As you can see, select "Use recommended settings", EMET automatically configures even programs like Adobe Acrobat, Adobe Reader and Java so that use DEP, ASLR and other security technologies offered by the operating system.

Cattura.PNG

By clicking on "Apps", you can check which installed applications are using or will use, just running, the security features of Windows:


Cattura2.PNG

Thanks for reading.:)
 
  • Like
Reactions: JM Safe, Jack, Solarlynx and 8 others
L

LabZero

Thread author
RmG152 said:
In comparison, maybe but in a review? 100+ MB maybe, but less than 50~100 ?
Click to expand...
Edited review
It is not unusual in a review comparing products of the same category that have more or less the same features.
EMET consumes much more RAM compared to MBAM and in my opinion this is bad.
Who has limited machine resources can't be happy to know it, considering this consumption must be added to other security apps (AV, IS, etc).
 
Last edited by a moderator:
  • Like
Reactions: JM Safe, Andytay70, Sr. Normal and 1 other person
tonibalas

tonibalas

Level 40
Verified
Honorary Member
Top Poster
Well-known
Sep 26, 2014
2,973
In my system MBAE Premium was using 3 MB of RAM but browsing the internet was very slow
so i was forced to remove it.
So my point is that RAM usage doesn't always tell you if a software is heavy or not on system resources.
 
  • Like
Reactions: JM Safe, frogboy, LabZero and 2 others
L

LabZero

Thread author
tonibalas said:
In my system MBAE Premium was using 3 MB of RAM but browsing the internet was very slow
so i was forced to remove it.
So my point is that RAM usage doesn't always tell you if a software is heavy or not on system resources.
Click to expand...
I don't know about MBAE Premium, perhaps having more protection levels, It can interfere with browsing speed.
About MBAE free, I didn't notice slowdowns.
 
  • Like
Reactions: JM Safe, frogboy, Sr. Normal and 1 other person
Solarlynx

Solarlynx

Level 15
Verified
Top Poster
Well-known
Apr 30, 2012
711
Klipsh said:
I don't know about MBAE Premium, perhaps having more protection levels, It can interfere with browsing speed.
About MBAE free, I didn't notice slowdowns.
Click to expand...

MBAE Premium has the same protection levels as Free. You cannot add custom shields and default apps list is considerable shorter.
 
  • Like
Reactions: frogboy and LabZero
Solarlynx

Solarlynx

Level 15
Verified
Top Poster
Well-known
Apr 30, 2012
711
Klipsh said:
Ok but the concept was to understand why MAE Premium slows connection while with the free version I had no problems.
Click to expand...

Sorry I don't have any idea. On my PC Premium and Free work the same. This is a good question to MBAE forum or respective forum at Wilders, where a developer pbust (ZeroVulnLabs) appears.
 
  • Like
Reactions: LabZero
Online_Sword

Online_Sword

Level 12
Verified
Honorary Member
Top Poster
Well-known
Mar 23, 2015
555
Could anyone share his/her customized configuration of EMET 5.2?
Could I simply add web applications to the list of EMET and then forget them?
 
CMLew

CMLew

Level 23
Verified
Well-known
Oct 30, 2015
1,251
Is EMET issued by Microsoft? The interface looks like it.
How would it work with Window Defender?
 
jamescv7

jamescv7

Level 85
Verified
Honorary Member
Mar 15, 2011
13,070
@CMLew: Well EMET is a standalone tool created by Microsoft (you need to download) and having with WD are different things on their concept.

When EMET detected a mitigation, it will close the process hence its up to WD if there will be any threats found for possible drop of files.
 
  • Like
Reactions: Online_Sword
You must log in or register to reply here.

Similar threads

Gandalf_The_Grey
    • Like
    • +Reputation
Security News The February 2024 Security Update Review
Replies
3
Views
927
Security News
Gandalf_The_Grey
Gandalf_The_Grey
Gandalf_The_Grey
    • Like
    • +Reputation
Security News The November 2023 Security Update Review
Replies
2
Views
1,289
Security News
Gandalf_The_Grey
Gandalf_The_Grey
silversurfer
    • Like
    • Wow
    • Sad
New Update Microsoft Edge switches to Adobe Acrobat PDF for it's built-in PDF reader
Replies
13
Views
1,530
Microsoft Edge
B-boy/StyLe/
B-boy/StyLe/

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top