Updated EMET Tool Mitigates Security Risks

A fifth version of the free Enhanced Mitigation Experience Toolkit (EMET) has been released. It adds a new mitigation that can block browser plug-ins for Internet Explorer (IE) and prevent other potentially vulnerable modules from running in Office applications. In addition, EMET itself has been hardened against techniques that could be used to bypass it entirely. The updated tool will be particularly useful to protect older applications against malware.

New Attack Surface Reduction

Many applications contain faults and code vulnerabilities that can be exploited by malicious software. The latest Windows OSs contain several mitigations by default, but applications built on an older OS before these mitigation tools were available remain vulnerable to attacks. EMET is a free toolkit that installs an agent that applies mitigations to these older applications to make them less vulnerable to exploits. No source code is needed since EMET works with existing applications. EMET has a user interface that allows customers to apply mitigation features on a per-application basis, but the recommended default configuration should be sufficient for most users in many organizations.