Slashdot Mirror

← Back to Stories (view on slashdot.org)

Microsoft Extends EMET End of Life Date (itnews.com.au)

Posted by msmash on from the some-relaxation dept.

An anonymous reader writes: Microsoft will continue to support and provide security patches for its Enhanced Mitigation Experience Toolkit security software for Windows until July 31 2018, after taking customer feedback into account. EMET is a security utility software popular with enterprise customers running supported versions of Windows. It uses mitigation techniques to block attackers from exploiting vulnerabilities in software. The company's lead program manager for operating system security, Jeffrey Sutherland, said while EMET 5.5x will continue to be supported for another 18 months after the original end of life date of January next year, Microsoft recommended customers migrate to Windows 10 for improved security.

4 of 32 comments (clear)

  1. Let me get this straight. by techno-vampire · · Score: 2, Interesting

    EMET doesn't block malware from exploiting vulnerabilities, it tries to prevent malware from doing any damage after it gets through. If so, that's not at all unreasonable. You can't ever block all possible holes; at best, you can block the ones you know about, but you can add an extra layer of protection to the programs and files that malware targets. If so, that even gives you a little bit of protection against zero day exploits, because it doesn't do crackers any good to get in if they can't steal or corrupt your data.

    --
    Good, inexpensive web hosting
    1. Re:Let me get this straight. by EndlessNameless · · Score: 2

      I have no idea why this was modded up when it so obviously wrong.

      If you understand how the product works (at a level that allows you to configure it properly), you know that it is doing exactly that. It prevents malware from exploiting existing vulnerabilities. This protection can be applied to Windows itself as well as 3rd-party applications.

      As with any security hardening, there is a substantial risk of compatibility issues. Testing and policy exclusions will be necessary in any real production environment.

      And lest there be an argument:

      "The Enhanced Mitigation Experience Toolkit (EMET) is a utility that helps prevent vulnerabilities in software from being successfully exploited."

      From the actual EMET support page at https://support.microsoft.com/... (which took half a second to google)

      --

      ---
      According to the latest ruleset, this post should be modded as Vorpal Flamebait +5.
  2. Re:after taking customer feedback into account by sexconker · · Score: 2

    EMET isn't worthless. It's good for forcing protections on sloppy shit and for enforcing certificate pinning.
    You have to actively configure EMET for it to actually do anything worthwhile, though.

  3. Re:How about just FIXING THE BUGS by edtice1559 · · Score: 2

    The purpose of EMET is not to prevent exploitation of vulnerabilities in Microsoft software. It's for helping you deal with third-party software that doesn't have their own mitigation techniques built-in. Microsoft has updated all of it's software years ago to enable everything that's in EMET. The reason for dropping EMET is that adversaries have gotten quite good at getting around the EMET protections. The recommendation is to move to Windows 10 where you get much better protection without the need to use EMET. Stack cookies, control flow guard, delayed memory freeing, et cetera. You're never going to fix every bug, so you need mitigation techniques. It's just that EMET is long in the tooth and it's time to update the counter-measures.