locked
EMET system options to consider adding RRS feed

  • Question

  • I emailed this, sorry if it's a duplication.  I enabled CWDIllegalInDllSearch at the 0xffffffff level with minimal impact (I had to create one exception for a cheapo image-editing program), so it occurred to me that it could be a viable EMET option if you add an opt-out routine for programs that need exemptions.

    I'd also find an AutoRun toggle useful.  AutoRun malware can spread on more than just USB devices; there are malware families that will add AutoRun worms to the files waiting to be burned to CD/DVD, for example.  Part of my system configuration routine is to disable all AutoRun functionality via both GPO and Microsoft's FixIt.  Add it to EMET and it'll be up to the customer to decide if they can trade ease of use for a proactive security countermeasure.

    Keep up the good work.  When's EMET 3.5 Final coming out?

    Monday, October 1, 2012 5:21 AM

All replies

  • This is old question , however Windows 10 comes with several of EMET features build inside the operating system and you won't need EMET for Windows 10 (latest build) and you could just configure these security features.
    Wednesday, February 13, 2019 7:13 PM