Menu
Microsoft security tool EMET 5.0 puts a leash on plugins

Microsoft security tool EMET 5.0 puts a leash on plugins

The latest version of EMET allows administrators to block plugins on certain websites

Microsoft's latest version of its Enhanced Mitigation Experience Toolkit can block plugins from launching.

Microsoft's latest version of its Enhanced Mitigation Experience Toolkit can block plugins from launching.

The latest release of a Microsoft security tool that's designed to stop exploits lets administrators control when third-party plugins are launched, a long favored route for attackers.

Microsoft has been steadily improving and adding more capabilities to the Enhanced Mitigation Experience Toolkit (EMET), a free tool that strengthens the security of non-Microsoft applications by using defenses built within Windows, such as ASLR (Address Space Layout Randomization) and DEP (Data Execution Prevention).

The latest 5.0 iteration, released Thursday, includes something called "Attack Surface Reduction," which can block some of an application's modules or plugins that might be abused, wrote Chris Betz, senior director of the Microsoft Security Response Center.

He wrote that Microsoft Word, for example, can be prevented from loading an Adobe Flash Player plugin or allow Java plugins to only run from intranet-zone sites rather than outside ones.

Third-party software is often favored by hackers as finding vulnerabilities in the Windows operating system has become more difficult. Java, an application framework for running applications, is often targeted, as well as applications from Adobe Systems.

EMET has been configured by default to block Adobe's Flash plugin from being loaded by Word, Excel and PowerPoint.

Another improvement to EMET deals with digital certificates, which are used to secure a SSL (Secure Socket Layer) connection, Betz wrote. EMET now has a blocking mode that will tell Internet Explorer to halt an SSL connection if an untrusted certificate is detected without sending session data.

Microsoft also hardened EMET in light of successful efforts at bypassing mitigations in its 4.0 version. Earlier this year, researchers from Bromium, which develops security technologies based on micro-virtualization, found that more technical hackers could bypass all of EMET's protections.

The company worked on hardening EMET against bypass techniques, which are possible "when a memory corruption within an EMET-protected application can be abused to overwrite selected memory areas and corrupt data belonging to EMET itself," according to a technical writeup.

Send news tips and comments to jeremy_kirk@idg.com. Follow me on Twitter: @jeremy_kirk

Subscribe here for up-to-date channel news

Follow Us

Join the New Zealand Reseller News newsletter!

Error: Please check your email address.

Tags MicrosoftsecurityExploits / vulnerabilities

Featured

Slideshows

StorageCraft celebrates high achievers at its inaugural A/NZ Partner Awards

StorageCraft celebrates high achievers at its inaugural A/NZ Partner Awards

Revealed at a glitzy bash in Sydney at the Ivy Penthouse, the first StorageCraft Partner Awards locally saw the vendor honour its top-performing partners with ASI Solutions, SMBiT Pro, Webroot, ACA Pacific and Soft Solutions New Zealand taking home the top awards. Photos by Maria Stefina.

StorageCraft celebrates high achievers at its inaugural A/NZ Partner Awards
Kiwi resellers make a splash on Synnex and Lenovo RotoVegas road trip

Kiwi resellers make a splash on Synnex and Lenovo RotoVegas road trip

​Synnex and Lenovo hosted 18 resellers for an action-packed weekend adventure in RotoVegas, taking in white water rafting on the Kaituna River, as well as quad biking and dinner at Stratosfare​, overlooking Lake Rotorua at the top of Mount Ngongotaha​. Photos by Synnex.

Kiwi resellers make a splash on Synnex and Lenovo RotoVegas road trip
Show Comments