Microsoft EMET - advanced free security system for Windows

PhenoMenal

Hairdresser
Veteran
Seems a lot of people haven't heard of this, but it's a little gem! ... if you're comfortable using security programs in general you shouldn't have any issues with this. Its main purpose is to protect against software vulnerabilities that hackers exploit to create 0-day attacks, gain access to your system and so on. Especially useful for hardening your main vulnerability access points such as web browser, email client etc.

http://support.microsoft.com/kb/2458544

The Enhanced Mitigation Experience Toolkit (EMET) is a utility that helps prevent vulnerabilities in software from being successfully exploited. EMET achieves this by using security mitigation technologies. These technologies function as special protections and obstacles that an exploit author must defeat to exploit software vulnerabilities. These security mitigation technologies do not guarantee that vulnerabilities cannot be exploited. However, they work to make exploitation as difficult to perform as possible. In many instances, a fully-functional exploit that can bypass EMET may never be developed.
 

PhenoMenal

Hairdresser
Veteran
Also check out Microsoft's AutoRuns by SysInternals...

http://technet.microsoft.com/en-au/sysinternals/bb963902.aspx

Basically, every program, service and so on that automatically starts when Windows starts (or other programs such as your web browser), is only able to autostart because they've registered themselves in the system in certain autostart locations.

Malware almost always registers itself to autostart to remain persistent on your computer even after a reboot. However, this is something of an Achilles' heel for malware, because it leaves a calling card on the system... and one that almost always points directly to its exact location. :)

This utility, which has the most comprehensive knowledge of auto-starting locations of any startup monitor, shows you what programs are configured to run during system bootup or login, and shows you the entries in the order Windows processes them. These programs include ones in your startup folder, Run, RunOnce, and other Registry keys. You can configure Autoruns to show other locations, including Explorer shell extensions, toolbars, browser helper objects, Winlogon notifications, auto-start services, and much more.
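
The autostart locations named in the post above (the Run and RunOnce registry keys and the Startup folders) can be listed directly from PowerShell. This is an added example, not part of the original post and not Autoruns' own code; the `Get-ImagePath` helper and the signature column are illustrative additions, and it covers only a small subset of the locations Autoruns inspects.

```powershell
# Added example: enumerate a few classic autostart locations and show the
# file each entry points to. Covers far fewer locations than Autoruns does.
$runKeys = @(
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKLM:\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\RunOnce'
)

# Hypothetical helper: pull the executable path out of a launch string.
function Get-ImagePath([string]$Command) {
    $c = [Environment]::ExpandEnvironmentVariables($Command).Trim()
    if ($c -match '^"([^"]+)"') { return $Matches[1] }   # "C:\Dir With Spaces\app.exe" /arg
    if ($c -match '^(.+?\.(exe|com|bat|cmd|scr))(\s|$)') { return $Matches[1] }
    return ($c -split '\s+')[0]                           # fallback: first token
}

$entries = @(
    foreach ($key in $runKeys) {
        if (-not (Test-Path -Path $key)) { continue }
        $regKey = Get-Item -Path $key
        foreach ($name in $regKey.GetValueNames()) {
            [pscustomobject]@{ Location = $key; Name = $name
                               Image = Get-ImagePath ([string]$regKey.GetValue($name)) }
        }
    }
    # Per-user and all-users Startup folders: files placed here run at logon.
    foreach ($folder in 'Startup', 'CommonStartup') {
        $dir = [Environment]::GetFolderPath($folder)
        if (-not $dir -or -not (Test-Path -Path $dir)) { continue }
        Get-ChildItem -Path $dir -File -Force | Where-Object Name -ne 'desktop.ini' |
            ForEach-Object { [pscustomobject]@{ Location = $dir; Name = $_.Name; Image = $_.FullName } }
    }
)

# Triage view: does the target file exist, and does it carry a valid signature?
$entries | ForEach-Object {
    $exists = [bool]$_.Image -and (Test-Path -LiteralPath $_.Image -PathType Leaf)
    [pscustomobject]@{
        Location = $_.Location; Name = $_.Name; Image = $_.Image; Exists = $exists
        Signature = if ($exists) { [string](Get-AuthenticodeSignature -LiteralPath $_.Image).Status } else { 'n/a' }
    }
} | Sort-Object Signature, Location | Format-Table -AutoSize -Wrap
```

Shortcuts in the Startup folders are listed by their own path rather than their target, so their signature column is not meaningful; entries whose image is missing or unsigned are the ones to review first.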
 

Hydro-Soil

Active member
Veteran
It's a Microsoft product.

They're all microsoft products.

Not a big fan of microsoft anything, especially running microsoft software on top of one of their operating systems. Decent for games though... and Adobe CS products work with it.

Stay Safe! :blowbubbles:
 

PhenoMenal

Hairdresser
Veteran
Hydro-Soil said:
It's a Microsoft product.

Yes. And who knows every Microsoft operating system under the hood better than anyone else? And who has millions of dollars to employ some of the top security minds in the field to develop EMET? :)
 

Hydro-Soil

Active member
Veteran
PhenoMenal said:
Yes. And who knows every Microsoft operating system under the hood better than anyone else? And who has millions of dollars to employ some of the top security minds in the field to develop EMET? :)

:laughing:
At the end of the day? It's still a Piece Of S*%t!

Nothing about microsoft impresses me. Hasn't for years. You want to do actual *work*... you use a *nix product. You want a home gaming pc... get a m$ machine. Been that way for decades.

Yes, there are workhorse applications that only run on m$ and that's a tragedy. Oh well.

Stay Safe! :blowbubbles:
 

PhenoMenal

Hairdresser
Veteran
Hydro-Soil said:
:laughing:
At the end of the day? It's still a Piece Of S*%t!

Can you please elaborate on why you think it's that ... other than "Microsoft made it" ??? Or is that the only substance to your argument (ugh)... :dunno:

How long have you been using EMET (HAVE you ever used it?), and what tests have you thrown against it??? Any CVEs or anything from Metasploit for example? Have you checked it out 'under the hood' in WinDbg or IDA or a debugger/disassembler of your choice to see her in action?

I'm just very curious as to how you've reached your conclusion!... :)
Cheers

ps. You said it's good to protect against games, yes it does but games (especially ones sourced legally) generally aren't major attack vectors (we don't all play games but we do all browse the web and use email) - so it's more programs like your web browser, explorer.exe, your email client etc that advanced mitigation technologies such as EMET provide the best protection, especially against 0-day vulnerabilities, and in many cases EMET is the only mitigation that can be used until the developer of the software is able to release a patch/fix for the vulnerability... which again makes me question your statement.

This is a free piece of software ... a very advanced one at that (it's not an anti-virus, it's not a firewall... it's a system designed at mitigating the most advanced attacks used today to attack software), that has a large team of quality security software engineers in R&D, one that has proven itself time and time again in mitigating many 0-day vulnerabilities (don't read this incorrectly -- IE exploits are still IE exploits, but EMET protects against many of them -- but only if you're running EMET)

... yet your arguments are just 1) "it's from Microsoft", and 2) "It's still a Piece Of S*%t!"
 

ak-51

Most Microsoft products are at least decent; and I would say that they have more products that are really good than really bad.
 

LeeROI

Member
Microsoft Security Essentials has been good to me (on XP & 7). My neighbor bought the full load McAfee: he's got malware now.
 

Hydro-Soil

Active member
Veteran
25 years of using and cleaning up after M$. When I say I'm not a fan, it's from a lot of personal experience.

Granted, they're better today than they were... that's still not saying much. People have grown accustomed to less than stellar performance. Many have never experienced anything but.

If you really like the product (barring their office suite, one of the most heavily worked over code they have) there's a good chance they bought it from someone else.

Fanboy all you like... at the end of the day the work is still done by *nix machines. :D

Stay Safe! :blowbubbles:
 

Tony Aroma

Let's Go - Two Smokes!
Veteran
Hydro-Soil said:
... at the end of the day the work is still done by *nix machines. :D

And the best *nix machine of all... Macintosh. We don't need no stinkin' security software.

Something I've always wondered about, why not just build a secure OS instead of an insecure one that requires various add-ons to keep it safe? You'd think by version 8 they'd at least be getting close.
 

PhenoMenal

Hairdresser
Veteran
Hydrosoil, *nod* ... so just to clarify you have NO actual experience at all with EMET, you've just used Windows for a long time. (Why keep using it if you're so anti-Microsoft?) :)
You sidestepped every one of my EMET questions ... :)
Each to their own, but I think you should at least try a program before making a definitive statement about it ... :)
 

Tom Petty

New member
Anyone that believes Apple is secure without purchasing anti virus and no extra security is sadly mistaken and in for a surprise.

Sent from my Galaxy Nexus using Xparent Cyan Tapatalk 2
 

ak-51

Tony Aroma said:
Something I've always wondered about, why not just build a secure OS instead of an insecure one that requires various add-ons to keep it safe? You'd think by version 8 they'd at least be getting close.

It's true that most viruses affect machines running Windows, but that is mainly because most machines are running Windows.

[Image: desktop operating system market share as of January 2013]


Microsoft has a 91% market share as far as operating systems go. If you want to build a virus you go for the OS that has the biggest market share; that means Windows. It's partially an illusion that other OS's are more secure. Most of the reason that they are safer is because they are not worth targeting.

90+% of the time the user is the reason a virus is present. You can't stop user error on any OS, you can only try to limit it.
 

vta

Active member
Veteran
Tom Petty said:
Anyone that believes Apple is secure without purchasing anti virus and no extra security is sadly mistaken and in for a surprise.

Sent from my Galaxy Nexus using Xparent Cyan Tapatalk 2

Or to put it another way...if you were creating viruses....wouldn't you target an OS that is on 90% of personal computers? It's not that Apple is more secure...just less prevalent. Apple has such a small presence...hackers get more bang for their buck with MS.
 

vta

Active member
Veteran
ak-51 said:
It's true that most viruses affect machines running Windows, but that is mainly because most machines are running Windows.

Microsoft has a 91% market share as far as operating systems go. If you want to build a virus you go for the OS that has the biggest market share; that means Windows. It's partially an illusion that other OS's are more secure. Most of the reason that they are safer is because they are not worth targeting.

90+% of the time the user is the reason a virus is present. You can't stop user error on any OS, you can only try to limit it.

HA...should have read the whole thread before I posted...K+
 

Hydro-Soil

Active member
Veteran
PhenoMenal said:
Why keep using it if you're so anti-Microsoft?

#1 Adobe CS4

#2 DDO (runs great under wine, when the ddo developers don't break it)

#3 Random Window$ only game that doesn't run under wine

Stay Safe! :blowbubbles:
 