Microsoft extends support for EMET security tool

tim one

Windows Vista, 7 and 8 users can keep using code Redmond says has 'serious limits'

Microsoft has extended the support life of its enhanced mitigation toolkit (EMET) affording Windows 8 laggards an extra 18 months of protection.

EMET adds extra defences to older versions of Windows, dating all the way back to Vista. Among the improvements it offers are address space layout randomisation and data execution prevention. Both make it harder to compromise systems.

Microsoft baked those features and more into Windows 10, giving users of Microsoft's latest platform few reasons to run EMET.

EMET nonetheless added support for Windows 10 last February in version 5.5.

The tool, born of Microsoft's defensive platform-building competition BlueHat, is not infallible; ransomware scum have wormed around it as have a regular barrage of researchers who have found complex ways to bypass every version of EMET.

Some researchers have even used EMET to compromise EMET.

Yet the tool is considered a high-quality production and credited with making Windows 10 in the words of Google's Project Zero hack house "mostly harmless", a security upgrade on Windows 8.1 and earlier.

Windows users seemingly agree and have had their pleas for EMET's stay of execution answered.

Jeffrey Sutherland, Microsoft's principal lead program for OS security, says EMET will continue to support Windows 8 and 7 users and Vista laggards until July 2018.

".. we have listened to customers’ feedback regarding the January 27, 2017 end of life date for EMET and we are pleased to announce that the end of life date is being extended 18 months," Sutherland says.

"The new end of life date is July 31, 2018.

"For improved security, our recommendation is for customers to migrate to Windows 10."

That will bring EMET's end of life closer in line with the January 2018 cessation of Windows 8 support.

Sutherland warns that EMET has "serious limits" as it is a bolt-on security tool. This manifests in the consistent bypassing of EMET defences, being effective at squashing older exploits but not those which are likely to be cooked up in the near future.

"Not surprisingly, one can find well-publicised, often trivial bypasses, readily available online to circumvent EMET," Sutherland says.

The security tool was also a performance pig thanks to ad-hoc low-level operating system hooks that triggered "serious side-effects".

It is also outpaced by Windows 10 defences, especially when up against modern exploits, Sutherland says. ®
 

Dirk41

From the article I want to highlight this link https://www.blackhat.com/docs/us-16/materials/us-16-Weston-Windows-10-Mitigation-Improvements.pdf

Many people discuss whether Defender is enough or not. For sure it's better to have a second option on demand, but there are more built-in security features in W10.

Anyway, unfortunately some/most of the features mentioned in the article are just for enterprise.
So don't be surprised, MS, if your consumers don't trust Defender much.
 