Attackers Can Turn Microsoft's Exploit Defense Tool EMET Against Itself (csoonline.com)

Posted by timothy on Wednesday February 24, 2016 @02:22AM from the friends-like-these dept.

itwbennett writes: FireEye researchers have found a way for exploits to trigger a specific function in EMET that disables all protections it enforces for other applications. The researchers believe that their new technique, which essentially uses EMET against itself, is more reliable and easier to use than any previously published bypasses. It works against all supported versions of EMET — 5.0, 5.1 and 5.2 — but Microsoft patched the issue in EMET 5.5, which was released on Feb. 2. So if you haven't upgraded yet, now would be a good time to do it. For more about how the technique works, read FireEye's blog post.

2 of 40 comments (clear)

Min score:

Reason:

Sort:

HUGE patch download! by DoofusOfDeath · 2016-02-24 02:49 · Score: 3, Funny

For the convenience of Microsoft's customers, the patch for the EMET exploit will also provide a FREE upgrade to Windows 10!
1. Re:HUGE patch download! by Virtucon · 2016-02-24 03:00 · Score: 3, Funny
  
  with ask.com as your default home page and chrome as your browser? Win!
  
  --
  Harrison's Postulate - "For every action there is an equal and opposite criticism"