EMET 5.0 released

Microsoft released the fifth version of the EMET tool (EMET 5.0), which we wrote about in detail here and here . The release version replaces EMET 5.0 Technical Preview 3, which was available to users prior to the release of this version. We have stayed in detail here on EMET 5.0 technical capabilities, they include Attack Surface Reduction (ASR) and Export Address Table Filtering Plus (EAF +) mechanisms. In addition, the developers have added a more user-friendly interface (first introduced in EMET 5.0 TP3). Now, instead of dry tables with checkboxes that include the necessary security options, double-clicking on the process will show the options enabled for it with their minimum clarification.



The EMET tool is free to use and is being promoted by Microsoft as one of the main tools to protect against exploits, including 0day. In many of the Security Advisory, produced by the company, you can see a reference to EMET. The tool, to a greater extent, is aimed at technical specialists and contains various settings, some of which are turned off by default to provide the necessary level of compatibility with applications (EMET performs the inline patching of the code of protected processes, intercepting API calls there, see links above ). However, even for a regular user who cannot deal with all the settings, EMET can be very useful with the default settings.
')

Fig. EMET has become more user friendly.

Detailed information on ASR and EAF + settings can be found here .
You can download the new version of EMET here .