Microsoft recently updated its Enhanced Mitigation Experience Toolkit, a free application that can protect you from dangerous zero-day attacks.
Here’s a review of what EMET does — and why and when Windows users should run it on business and personal systems.
A little extra dose of security for Windows
It’s no secret that cyber attacks are getting more sophisticated by the day. Keeping Windows systems safe from Internet-based attacks is an ongoing challenge, both for Microsoft and for Windows users. Perhaps the biggest challenge for Windows users is protecting against zero-day attacks — new threats that are, for a time, unknown to our installed anti-malware applications.
Our systems are often most vulnerable during the interval between the launch of a new exploit into “the wild” and the addition of its signature to anti-malware databases. Most security apps have tools that attempt to prevent zero-day attacks by searching for malware-like behavior. But the results are typically far from reliable.
Microsoft, of course, offers various security tools. One of the best for defending against zero-day threats is the Enhanced Mitigation Experience Toolkit (EMET). I previously discussed EMET over a year ago in the On Security column, “Microsoft adds Windows 8 support to EMET.” As is obvious from the title, the most important enhancement was support for Microsoft’s newest operating system. But Version 4 also added various security enhancements, as noted in an MS Security Research and Defense Blog post.
Since then, Microsoft has been busy updating EMET. Version 4.1 (more info) was released this past November, and 4.1 Update 1 (more info) came out in May. On July 31 (just before the Black Hat 2014 hacker confab in Las Vegas), Microsoft delivered EMET 5.0, which, among other things, added protection against attacks on EMET.
EMET is a free, standalone security application, but it’s not an all-purpose anti-malware tool. It works alongside Microsoft and third-party anti-malware apps to protect against attacks that target common software such as Internet Explorer, Office, Acrobat, and Java. It’s compatible with all supported versions of Windows, from Vista SP2 and Windows Server 2003 SP2 through Windows 8.1 and Windows Server 2012 R2.