Cool, now I am curious if EMET will block the attack if lsass is protected. So I will run the test tonight or tomorrow. If you guys want to post exactly how you would like me to configure EMET, that will be helpful.in EMET all 3 protections must be enabled and the list of apps properly edited. EMET is like the SRP of memory.
Those users you mentioned are noobs trying to play with what they can't understand. so obviously they fail.