It’s recently come to our attention that some Enhanced Mitigation Experience Toolkit (EMET) v2.0 users may have potential issues with the update functionality of specific applications from Adobe and Google. As a result, today we released a new version of EMET that will help ensure these updaters work as expected when EMET is in place for added protection. No other behavior is being changed with this release. You can download version 18.104.22.168 of EMET here.
The affected applications of which we are aware are Adobe Reader/Acrobat and Google Chrome.
Adobe Reader / Acrobat. Due to this issue, the updater may require Reader and Acrobat users to reboot in order to complete an upgrade when they otherwise would only have been required to close and restart the application.
Google Chrome. This issue may affect machines with multiple users running Chrome at the same time with each instance configured for use with EMET. If one of those instances is running as an admin, it will block the other running instances from self-updating. Please note that on Vista, Server 2008, Windows 7, and Server 2008 R2, users must explicitly right click on Chrome and select “run as administrator” to be affected.
Depending on your environment, which applications you opt into EMET, and how you handle updates, you may not need to update your deployment of EMET. If you do decide to update your deployment and have the previous MSI installed on your machines, you can roll out the new MSI as an upgrade. Alternately, if you configured the machines with EMET_Conf running from a central share, you can simply replace the binaries on that share and run “EMET_Conf --list" on each of the machines. EMET_Conf will update the necessary files.
- Andrew Roths and Fermin J. Serna from MSRC Engineering