locked
Windows 10 cannot protect applications like EMET can RRS feed

  • General discussion

  • Recently, Microsoft published a blog post called Moving Beyond EMET (https://blogs.technet.microsoft.com/srd/2016/11/03/beyond-emet/) that appears to make two main points: (1) Microsoft EMET will no longer support EMET after July 31, 2018, and (2) Windows 10 provides protections that make EMET unnecessary. In this blog post, I explain why Windows 10 does not provide the additional protections that EMET does and why EMET is still an important tool to help prevent exploitation of vulnerabilities...

    https://insights.sei.cmu.edu/cert/2016/11/windows-10-cannot-protect-insecure-applications-like-emet-can.html

    The Software Engineering Institute (SEI) is a federally funded research and development center (FFRDC) sponsored by the U.S. Department of Defense (DoD). It is operated by Carnegie Mellon University.

    Thursday, December 8, 2016 1:01 PM

All replies

  • I agree with your conclusions regarding Microsoft EMET and its cross-platform protection abilities. For folks like me, with Windows 10 Home, it is a vital adjunct. I have just a few 'layperson' tips;

    I am learning about Certificate Pinning, have found the process wanting. Disabled.

    Research of every single application in literature available, and tailoring the mitigations accordingly.

    Windows 10 is the best product the folks in Redmond have ever produced. EMET follows close behind. I just wish the !0 support folks would climb out of the box that all operating system gurus fall into. The one labeled 'Hubris'. Change the schedule, bring out an EMET 6.01, and let the hatchet fall in 2021.

    I did not have to reread Special Relativity to understand that sometimes, if one understands mathematics, solutions are not answers. They are vectors, and by simply keying 'Enter' on my keyboard I now have ASR enabled in Firefox. And a green smiley on my EMET Running Processes board.

    Sunday, January 22, 2017 11:53 PM