
Microsoft drops EMET support

Microsoft has announced that it is ending support for EMET, its well-known free security tool. Microsoft gives two main reasons for this step. The first is the release of Windows 10, which already supports a number of even more advanced, virtualization-based protections against exploits (Device Guard, Credential Guard, Windows Defender Application Guard). The second is that EMET itself was never a real security product for long-term use, but served as a platform for trialing new methods of protecting against the exploitation of vulnerabilities.


Finally, we’ve been pleased to see the 18 months. July 31, 2018. The new end of life date is July 31, 2018. EMET after July 31, 2018. For improved security, our recommendation to Windows 10.

The current version, EMET v5.5, will be supported until July 31, 2018. Until that date Microsoft will still release security updates for EMET, but no new features are planned.

EMET was very useful not only for users of outdated versions of Windows but also for users of the latest Windows 10; support for Windows 10 was added in EMET 5.5. The tool let users select security-critical user processes on the system, for example a web browser, an email client, Adobe Reader, or Java, and enable additional security features for them to block exploit activity. These protections work either by intercepting Windows API calls in the context of the process or by prohibiting the loading of vulnerable libraries into the process.

Fig. EMET interface.

It is worth noting, however, that the virtualization-based protections against exploits and malware that Microsoft refers to for Windows 10 (Device Guard, Credential Guard and Windows Defender Application Guard) are available only to users of Enterprise editions of Windows. All of them isolate security-critical mechanisms or untrusted content in virtual machines that have different virtual trust levels with respect to the hypervisor. For example, Windows Defender Application Guard for Microsoft Edge, which we described in our blog not so long ago, runs suspicious content from the Edge web browser in a separate virtual machine.

Beginning with Windows 10, as a Service. Since its initial launch in July 2015, it has been expected to continue. More importantly, it has been made.

Microsoft points out that with the move to the new servicing model called Windows as a Service, introduced with Windows 10, new security features will be delivered regularly to users of this OS. This differs significantly from Microsoft's earlier approach, under which users had to wait several years for a new version of Windows to get new security features. Windows as a Service involves releasing significant updates to Windows 10 and its security features several times a year.

» EMET, exploitation prevention and non-obvious settings
» Microsoft introduced Windows Defender Application Guard for Edge web browser
» Microsoft can integrate CFG into the Windows kernel
» Microsoft Improves Windows 10 Core Security
» Exploit Protection for Windows Users
» EMET 5.0 released
» Vulnerability found in EMET

Source: https://habr.com/ru/post/314418/

