Vulnerability Mitigation: EMET 2.0

An update to a free vulnerability mitigation toolkit adds mitigations that can be applied to older applications to make them less vulnerable to malicious exploits. The Enhanced Mitigation Experience Toolkit (EMET) version 2.0 offers two additional vulnerability mitigation techniques that are included with Windows 7 and makes those mitigations available for applications running on Windows XP and Vista. The toolkit can help organizations protect applications, especially line-of-business and third-party applications, by deploying modern security mitigation technologies to arbitrary applications.

Hardening Older Applications

Many applications contain faults and code vulnerabilities that can be exploited by malicious users. Microsoft and others have developed techniques to mitigate vulnerabilities before and after program deployment and the latest Windows OSs contain several mitigations by default. While applications created with the latest Microsoft tools often have vulnerability mitigation built in, older applications built before those mitigation tools were available remain vulnerable to attacks. Frequently these applications would be difficult to rebuild and test, possibly because source code is not available or the knowledgeable programmers who built those applications have left. For these applications, customers can use EMET to minimize the likelihood of exploitation, akin to wrapping legacy Windows applications with layers of protective clothing.