Moving Beyond EMET

EMET – Then and Now Microsoft’s Trustworthy Computing initiative was 7 years old in 2009 when we first released the Enhanced Mitigation Experience Toolkit (EMET). Despite substantial improvements in Windows OS security during that same period, it was clear that the way we shipped Windows at the time (3-4 years between major releases) was simply…

0

Security Engineering Evolution in Office 2016 for Mac

Security is a critical component in all our products at Microsoft. An emphasis on strong security starts at the beginning of all our work, including threat modelling as part of the design process and the consideration of Apple’s own security recommendations for our products on Apple’s platforms. As an example of this approach, I’d like…

0

Enhanced Mitigation Experience Toolkit (EMET) version 5.5 is now available

The Enhanced Mitigation Experience Toolkit (EMET) benefits enterprises and all computer users by helping to protect against security threats and breaches that can disrupt businesses and daily lives. It does this by anticipating, diverting, terminating, blocking, or otherwise invalidating the most common actions and techniques adversaries might use to compromise a computer. In this way,…

0

Triaging the exploitability of IE/EDGE crashes

  Introduction Both Internet Explorer (IE) and Edge have seen significant changes in order to help protect customers from security threats. This work has featured a number of mitigations that together have not only rendered classes of vulnerabilities not-exploitable, but also dramatically raised the cost for attackers to develop a working exploit. Because of these changes,…

0

EMET: To be, or not to be, A Server-Based Protection Mechanism

Hi Folks – Platforms PFE Dan Cuomo here to discuss a common question seen in the field: “My customer is deploying EMET and would like to know if it is supported on Server Operating Systems.” On the surface there is a simple answer to this question, however with a little poking, a little prodding, the…

0

Enhanced Mitigation Experience Toolkit (EMET) version 5.5 Beta is now available

Enhanced Mitigation Experience Toolkit (EMET) version 5.5 Beta is now available The Enhanced Mitigation Experience Toolkit (EMET) benefits enterprises and all computer users by helping to protect against security threats and breaches that can disrupt businesses and daily lives. It does this by anticipating, diverting, terminating, blocking, or otherwise invalidating the most common actions and…

0

What makes a good Microsoft Defense Bounty submission?

One of Microsoft’s longstanding strategies toward improving software security continues to involve investing in defensive technologies that make it difficult and costly for attackers to exploit vulnerabilities. These solutions generally have a broad and long lasting impact on software security because they focus on eliminating classes of vulnerabilities or breaking the exploitation primitives that attackers…

0

Defending against CVE-2015-1769: a logical issue exploited via a malicious USB stick

Introduction Today Microsoft released update MS15-085 to address CVE-2015-1769, an important severity security issue in Mount Manager. It affects both client and server versions, from Windows Vista to Windows 10. The goal of this blog post is to provide information on the detection guidance to help defenders detect attempts to exploit this issue.   Detection…

0

Advances in Scripting Security and Protection in Windows 10 and PowerShell V5

In the last several releases of Windows, we’ve been working hard to make the platform much more powerful for administrators, developers, and power users alike. PowerShell is an incredibly useful and powerful language for managing Windows domains. Unfortunately, attackers can take advantage of these same properties when performing “post-exploitation” activities (actions that are performed after…

0

EMET 5.2 is available (update)

Today, we’re releasing the Enhanced Mitigation Experience Toolkit (EMET) 5.2, which includes increased security protections to improve your security posture. You can download EMET 5.2 from microsoft.com/emet or directly from here. Following is the list of the main changes and improvements: Control Flow Guard: EMET’s native DLLs have been compiled with Control Flow Guard (CFG)….

0