Microsoft extends support for EMET security tool

Microsoft has extended the support life of its enhanced mitigation toolkit (EMET), affording Windows 8 laggards an extra 18 months of protection.

EMET adds extra defences to older versions of Windows, dating all the way back to Vista. Among the improvements it offers are address space layout randomisation and data execution prevention. Both make it harder to compromise systems.

Microsoft baked those features and more into Windows 10, giving users of Microsoft’s latest platform few reasons to run EMET. EMET nonetheless added support for Windows 10 last February in version 5.5.

The tool, born of Microsoft’s defensive platform-building competition BlueHat, is not infallible; ransomware scum have wormed around it, as has a regular barrage of researchers who have found complex ways to bypass every version of EMET.

Some researchers have even used EMET to compromise EMET. Yet the tool is considered a high-quality production and is credited with making Windows 10, in the words of Google’s Project Zero hack house, “mostly harmless”, a security upgrade on Windows 8.1 and earlier.

Windows users seemingly agree and have had their pleas for EMET’s stay of execution answered. Jeffrey Sutherland, Microsoft’s principal lead program for OS security, says EMET will continue to support Windows 8 and 7 users and Vista laggards until July 2018.

“... we have listened to customers’ feedback regarding the January 27, 2017 end of life date for EMET and we are pleased to announce that the end of life date is being extended 18 months,” Sutherland says.

“The new end of life date is July 31, 2018. For improved security, our recommendation is for customers to migrate to Windows 10.”

That will bring EMET’s end of life closer in line with the January 2018 cessation of Windows 8 support. Sutherland warns that EMET has “serious limits” as it is a bolt-on security tool.

This manifests in the consistent bypassing of EMET’s defences: the tool is effective at squashing older exploits but not those likely to be cooked up in the near future. “Not surprisingly, one can find well-publicised, often trivial bypasses, readily available online to circumvent EMET,” Sutherland says.

The security tool was also a performance pig thanks to ad-hoc low-level operating system hooks that triggered “serious side-effects”. It is also outpaced by Windows 10 defences, especially when up against modern exploits, Sutherland says.

Source: theregister