Slashdot Mirror


Microsoft Bringing EMET Back As a Built-In Part of Windows 10 (arstechnica.com)

An anonymous reader quotes a report from Ars Technica: The Windows 10 Fall Creators Update will include EMET-like capabilities managed through a new feature called Windows Defender Exploit Guard. Microsoft's EMET, the Enhanced Mitigation Experience Toolkit, was a useful tool for hardening Windows systems. It used a range of techniques -- some built in to Windows, some part of EMET itself -- to make exploitable security flaws harder to reliably exploit. The idea being that, even if coding bugs should occur, turning those bugs into actual security issues should be made as difficult as possible. With Windows 10, however, EMET's development was essentially cancelled. But as more mitigation capabilities have been put into Windows, the need for a system for managing and controlling them has not gone away. Some of the mitigations introduce application compatibility issues -- a few even require applications to be deliberately written with the mitigation in mind -- which means that Windows does not simply turn on every mitigation for every application. It's here that Exploit Guard comes in.

4 of 49 comments

  1. Java Killer! by sycodon · Score: 4, Informative

    At my employer...a VERY large Defense company, they had pushed out EMET.

    It promptly broke almost all of our Java applications (kills the virtual machine). The third-party desktop support people are authorized to disable or remove it.

    --
    When Fascism comes to America, it will call itself Anti-Fascism, and tell you to give up your guns.
  2. Last Remote Root hole in OpenSSH ? Oh yeah, NEVER. by Seven+Spirals · Score: 2

    All the worms, ransomware, and malware that gets widespread exposure and ends up loaded on millions of vectors is ALWAYS WINDOWS. Seriously. If you use Windows as a server platform you are an idiot. Rationalize all you want, but in the end we can lay this at the feet of the operator's choice of OS.

    Are there hacks, exploits, and malware for other operating systems? Sure! However, consider that these full-p3wnd remote exploits seem to get released as zero day at least once a year for Windows OS's and often the vulnerabilities go back for years. When was the last time you saw a remote-root exploit for SSH? Oh yeah, NEVER. If the NSA could have done it, they already would have and it'd likely be packaged with the same bundle of leaked material we've already seen chock-full of zero-day and other novel Windows exploits.

    Yes, other operating systems have flaws, too. However, if you pick the one with the biggest target painted on the side, expect turbulence!

  3. Pressing question by Torodung · Score: 2

    So the question is, since it's called "Defender," do you need to run their lukewarm, signature-based Defender antivirus to use the EMET features? Because that would be a deal-breaker for me.

    1. Re:Pressing question by thegarbz · Score: 2

      I'm sure you can install burning hot McAfee too if you wish. Burning hot being what your CPU will be wherever you install it.