chrishoffman — 2014-06-06T06:40:56-04:00 — #1
Originally published at: http://www.howtogeek.com/190590/quickly-secure-your-computer-with-microsofts-enhanced-mitigation-experience-toolkit-emet/
Only one cash prize went unclaimed at Pwn2Own 2014. All major browsers were hacked, but hackers were unable to claim the $150,000 grand prize for hacking IE 11 secured with EMET. Secure your own PC with EMET today.
daglesj — 2014-06-06T10:41:52-04:00 — #2
Been rolling this out to customers for some time now. You do get caught out on occasion when Google or someone screws up and adds some poor code that trips EMET's systems (phone calls ahoy) but on the whole its worth installing if you run current (read 2006+ onwards) software.
The only problem is that MS wont be able to really implement it properly as standard. If they did it would be carnage as thousands of domestic customers complained their bit of shareware from 2002 no longer works and the corporates moan that their custom platform falls over ever time as it wasn't coded properly back in 2004. Custom rules as per the article should save the day however.
Damned if they do and damned if they don't.
Nice this article popped up a few days after I mentioned it in a previous discussion.
jacob_zinicola — 2014-06-06T10:59:22-04:00 — #3
They could if they disabled it by default, or severely neutered the default rule set to optimize it for compatibility. At that point though, they'd have to question whether it's worthwhile supporting as a built-in feature at all. It would be nice if they'd at least integrate it into Enterprise editions so it can be turned on/of and set up by policy instead of requiring an additional installation.
daglesj — 2014-06-06T11:16:21-04:00 — #4
Well thats it in a nutshell. Windows has all the security it needs built in already...it's just that it's all switched off by default.
You may as well not bother if 99% never switch it on. This is what happens when you start off with lax procedures all those years ago.
MS needs to start pushing better practices. Say in Windows 9 your default user account isn't automatically a full admin account, maybe add in a learning EMET system that tests every new bit of software and lets the user decide or prompts a simple choice.
That kind of thing is far more useful than crap like Secure boot. MS just needs to grow some balls and ride out the media storm of "Microsoft implements far too much security...like all other operating systems if not more so!"
meseahunt — 2014-06-06T11:22:14-04:00 — #5
the link provided in the article does not work? it forwards to a 404 blank network screen?? thanks
jacob_zinicola — 2014-06-06T11:34:52-04:00 — #6
It was fixed just a little bit ago. Please refresh and try again.
john0904 — 2014-06-06T11:37:59-04:00 — #7
Seems to work too well.
EMET detected SimExecFlow mitigation and will close the application: IEXPLORE.EXE
Faulting application name: IEXPLORE.EXE, version: 11.0.9600.17041, time stamp: 0x531807e4
This happens with MS-Works as well.
daglesj — 2014-06-06T12:09:54-04:00 — #8
Old software just doesn't work well with EMET. Office 2003 doesn't work unless you switch off all the monitoring on it.
skidroe984 — 2014-06-06T15:32:14-04:00 — #9
For those of us who aren't administrators, could you supply a little more basic information please? Is this a program that runs, like an anti-virus? Is it a service? Or does it modify system files? Thanks.
gr8mail4me — 2014-06-10T21:37:53-04:00 — #10
EMET - Mistake for Win 8.1. App blocks Shockwave Flash in Chrome. Prevents Windows Media Player from opening.
I uninstalled the app using iObit Uninstaller. Reboot of PC and all is well.
daglesj — 2014-06-11T04:12:10-04:00 — #11
So did you just untick the elements that EMET reported the software was tripping for that software?
Sometimes Chrome kicks up with Caller Migration. So you simply untick that option in the Apps section.
gr8mail4me — 2014-06-11T09:41:34-04:00 — #12
Unticked any item related to Chrome. The issue was not resolved. Same for
Too frustrating to continue.
daglesj — 2014-06-11T10:01:37-04:00 — #13
Oh well, works fine for me and the 50+ machines I've rolled it out on (XP/Vista/7/8/8.1)
Usually in these instances there is more to this than meets the eye.
gr8mail4me — 2014-06-11T10:26:14-04:00 — #14
I guess once you have work out the kinks for one the others come easy. But
for this one man PC user not worth the effort right now.
daglesj — 2014-06-11T10:41:58-04:00 — #15
Yeah it's not always a full success for everyone. Like at lot of these tools you have to learn to administer it suitably.
For some it's worth the time for some it isn't.
gr8mail4me — 2014-06-11T10:56:50-04:00 — #16
Hit the mark with that statement.
BTW. I'm wondering if EMET has issues with all apps that use Shockwave or
system — 2014-06-16T06:41:01-04:00 — #17
This topic was automatically closed after 10 days. New replies are no longer allowed.