Stop Hackers Gaining Access to Your System with Enhanced Mitigation Experience Toolkit v3.0

Enhanced Mitigation Experience Toolkit v3.0 designed to help prevent hackers from gaining access to your system is now available through Microsoft Download Center. "Software vulnerabilities and exploits have become an everyday part of life. The toolkit includes several pseudo mitigation technologies aimed at disrupting current exploit techniques. These pseudo mitigations are not robust enough to […]

Enhanced Mitigation Experience Toolkit v3.0 designed to help prevent hackers from gaining access to your system is now available through Microsoft Download Center.

"Software vulnerabilities and exploits have become an everyday part of life. The toolkit includes several pseudo mitigation technologies aimed at disrupting current exploit techniques. These pseudo mitigations are not robust enough to stop future exploit techniques, but can help prevent users from being compromised by many of the exploits currently in use. The mitigations are also designed so that they can be easily updated as attackers start using new exploit techniques," Microsoft explained.

EMET allows users to manage these technologies on their system and provides several unique benefits - per Microsoft:

Enhanced Mitigation Experience Toolkit v3.0

Here are some of the highlights of and new features in EMET 3.0.

  • Making configuration easy
  • Enterprise deployment via Group Policy and SCCM
  • Reporting capability via the new EMET Notifier feature

EMET 3.0 comes with three default "Protection Profiles". Protection Profiles are XML files that contain pre-configured EMET settings for common Microsoft and third-party applications. Under EMET's installation directory, these files are in the Deployment\Protection Profiles folder. You can enable them as-is, modify them, or create new protection profiles based on them.

The three profiles that ship with EMET 3.0 are:

  • Internet Explorer.xml: Enables mitigations for supported versions of Microsoft Internet Explorer.
  • Office Software.xml: Enables mitigations for supported versions of Microsoft Internet Explorer, applications that are part of the Microsoft Office suite, Adobe Acrobat 8-10 and Adobe Acrobat Reader 8-10.
  • All.xml: Enables mitigations for common home and enterprise applications, including Microsoft Internet Explorer and Microsoft Office.
  1. "No source code needed: Until now, several of the available mitigations (such as Data Execution Prevention) have required for an application to be manually opted in and recompiled. EMET changes this by allowing a user to opt in applications without recompilation. This is especially handy for deploying mitigations on software that was written before the mitigations were available and when source code is not available.
  2. Highly configurable: EMET provides a higher degree of granularity by allowing mitigations to be individually applied on a per process basis. There is no need to enable an entire product or suite of applications. This is helpful in situations where a process is not compatible with a particular mitigation technology. When that happens, a user can simply turn that mitigation off for that process.
  3. Helps harden legacy applications: It's not uncommon to have a hard dependency on old legacy software that cannot easily be rewritten and needs to be phased out slowly. Unfortunately, this can easily pose a security risk as legacy software is notorious for having security vulnerabilities. While the real solution to this is migrating away from the legacy software, EMET can help manage the risk while this is occurring by making it harder to hackers to exploit vulnerabilities in the legacy software.
  4. Ease of use: The policy for system wide mitigations can be seen and configured with EMET's graphical user interface. There is no need to locate up and decipher registry keys or run platform dependent utilities. With EMET you can adjust setting with a single consistent interface regardless of the underlying platform.
  5. Ease of deploy: EMET comes with built-in support for enterprise deployment and configuration technologies. This enables administrators to use Group Policy or System Center Configuration Manager to deploy, configure and monitor EMET installations across the enterprise environment.
  6. Ongoing improvement: EMET is a living tool designed to be updated as new mitigation technologies become available. This provides a chance for users to try out and benefit from cutting edge mitigations. The release cycle for EMET is also not tied to any product. EMET updates can be made dynamically as soon as new mitigations are ready," Microsoft explained.

Download Enhanced Mitigation Experience Toolkit v3.0 here.