Slashdot Mirror

← Back to Stories (view on slashdot.org)

Attackers Can Turn Microsoft's Exploit Defense Tool EMET Against Itself (csoonline.com)

Posted by timothy on from the friends-like-these dept.

itwbennett writes: FireEye researchers have found a way for exploits to trigger a specific function in EMET that disables all protections it enforces for other applications. The researchers believe that their new technique, which essentially uses EMET against itself, is more reliable and easier to use than any previously published bypasses. It works against all supported versions of EMET — 5.0, 5.1 and 5.2 — but Microsoft patched the issue in EMET 5.5, which was released on Feb. 2. So if you haven't upgraded yet, now would be a good time to do it. For more about how the technique works, read FireEye's blog post.

1 of 40 comments (clear)

  1. Re:WTF, Microsoft? by Gr8Apes · · Score: 1, Interesting

    The whack-a-mole game of insecurity with MS goes on....

    Q: How do you secure a windows system?
    A: Install another vendor's OS.

    --
    The cesspool just got a check and balance.