Experts Find Vulnerabilities in Microsoft’s EMET


Experts say EMET is vulnerable

Security researchers from Bromium have been analyzing Microsoft’s Enhanced Mitigation Experience Toolkit (EMET), a free tool that’s designed to help Windows users enhance the security of third-party software.

Experts say that EMET is vulnerable to custom-built exploits that attackers can use to bypass the protections offered in the tool.

“EMET is a viable personal and corporate defense add-on, but given other researchers have found EMET bypasses before, we sought to understand how EMET is vulnerable to the presence of novel exploits,” said Rahul Kashyap, chief security architect and head of security research at Bromium.

“We want users to better understand the facts when making a decision about which PC protections to use. We conducted this research within Bromium Labs to further enhance EMET-like exploit mitigation tools so we as an industry can come together to better protect against future exploitation vectors.”

Bromium has published a whitepaper that contains the technical details. Jared DeMott, principal security researcher with the company, is presenting the findings today, February 24, at BSides San Francisco.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s