I have been using Microsoft's Enhanced Mitigation Experience Toolkit (EMET) for quite some time now.
It is a great way to keep yourself protected from the unknown: flaws in Windows and Windows applications that have yet to be discovered.
What exactly is EMET?
Well, it is a free tool that runs in the background and does two major things:
It detects and blocks attempts to exploit memory corruption vulnerabilities in software (think buffer overflows).
It provides certificate pinning in Internet Explorer.
Let's look at that first one – memory corruption.
If you had EMET installed on your machine, and someone tried to exploit the recent vulnerability found in all versions of IE, EMET would have blocked it for you.
Think about that for a moment. A vast majority of serious security flaws are made possible by some type of memory corruption.
If you run EMET, you are protected from a good portion of them – before the good guys even know it is a problem.
How about that second feature, certificate pinning?
Big sites like Gmail, Facebook, Amazon – all are big targets. What happens when someone is able to forge a certificate for one of those sites? They could easily perform a “man-in-the-middle” attack against you.
And the whole time your browser would tell you that the certificate was fine.
Meanwhile, the bad guys are seeing your traffic in the clear and obtaining your username and password so they can do what they want.
If you were running EMET, it would give you a warning right away like this:
As you can see, I gave it a bogus Certificate Authority for secure.intelliadmin.com (the one for Facebook).
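The difference between ordinary certificate validation and a pin check, as an added example (not from the original post and not EMET's own implementation). The rule table, function names and certificate bytes are hypothetical and constructed for illustration; it models a pin as "this host must chain to one of these root CAs".

```python
import hashlib

def thumbprint(cert_der: bytes) -> str:
    """SHA-1 thumbprint, the fingerprint Windows shows for a certificate."""
    return hashlib.sha1(cert_der).hexdigest()

# Constructed stand-ins for DER-encoded root CA certificates (not real certs).
ROOT_A = b"constructed root CA A"   # the CA the site really uses
ROOT_B = b"constructed root CA B"   # a different CA the OS also trusts
ROOT_X = b"constructed unknown CA"  # not in the OS trust store

TRUST_STORE = {thumbprint(ROOT_A), thumbprint(ROOT_B)}

# Hypothetical pin rules: host name -> root CA thumbprints allowed for it.
PIN_RULES = {"secure.intelliadmin.com": {thumbprint(ROOT_A)}}

def browser_accepts(chain):
    """Ordinary validation (simplified): chain must end in ANY trusted root."""
    return bool(chain) and thumbprint(chain[-1]) in TRUST_STORE

def pin_check(host, chain):
    """Return 'unpinned', 'ok' or 'warn' for a chain ordered [leaf, ..., root]."""
    allowed = PIN_RULES.get(host.lower().rstrip("."))
    if allowed is None:
        return "unpinned"  # no rule for this host: only normal validation applies
    if not chain:
        return "warn"      # a pinned host with no chain can never satisfy the pin
    return "ok" if thumbprint(chain[-1]) in allowed else "warn"

def evaluate(host, chain):
    """Pair the browser's verdict with the pin verdict for the same chain."""
    return browser_accepts(chain), pin_check(host, chain)

if __name__ == "__main__":
    leaf = b"constructed leaf for secure.intelliadmin.com"
    for label, root in [("expected CA", ROOT_A), ("other trusted CA", ROOT_B)]:
        print(label, evaluate("secure.intelliadmin.com", [leaf, root]))
```

The second case is the one the post describes: the chain ends in a CA the system trusts, so the browser accepts it, and only the pin rule notices that it is the wrong CA for that site.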
These two simple things provide a serious amount of protection.
Best of all it is totally free!
Get a free copy of EMET 4 from Microsoft:
{ 3 comments }
Hi Steve,
Been using EMET for a while now. It really is a great tool. These days anti-virus software is practically useless. Why? They block programs like yours all the time with false positives. Then at the same time they constantly let the bad stuff through. If you are a user who is good about not installing any old thing from the net, EMET is a great way to protect yourself.
I have had to uninstall EMET because it stopped Microsoft Word and Excel from starting. Please feed that back to Microsoft.
Hello Julian,
I would check your add-ins – it is possible one of them is triggering something in EMET.