Microsoft Extends EMET End of Life Date

An anonymous reader writes: Microsoft will continue to support and provide security patches for its Enhanced Mitigation Experience Toolkit security software for Windows until July 31 2018, after taking customer feedback into account. EMET is a security utility software popular with enterprise customers running supported versions of Windows. It uses mitigation techniques to block attackers from exploiting vulnerabilities in software. The company's lead program manager for operating system security, Jeffrey Sutherland, said while EMET 5.5x will continue to be supported for another 18 months after the original end of life date of January next year, Microsoft recommended customers migrate to Windows 10 for improved security.

Quite a Name

[chipschap]

"Enhanced Mitigation Experience" ?

Have to hand it to the marketing guys, computer security is a "mitigation" "experience" that Microsoft has "enhanced."

Re:

[nine-times]

It's from the same company that brought you "Windows Genuine Advantage", the purpose of which had nothing to do with being "genuine", and was in no way advantageous. (In case you're not familiar, the purpose of WGA was to detect whether your licensing was in order, and if not, break Windows.)

Let me get this straight.

[techno-vampire]

EMET doesn't block malware from exploiting vulnerabilities, it tries to prevent malware from doing any damage after it gets through. If so, that's not at all unreasonable. You can't ever block all possible holes; at best, you can block the ones you know about, but you can add an extra layer of protection to the programs and files that malware targets. If so, that even gives you a little bit of protection against zero day exploits, because it doesn't do crackers any good to get in if they can't steal or corrupt your data.

Re:

[johnfordparm]

Good to hear

Re:

[jbmartin6]

Not sure why you say this. EMET is explicitly designed to prevent the exploitation of vulnerabilities, and can't do anything about damages if one is exploited.

Re:

[EndlessNameless]

I have no idea why this was modded up when it so obviously wrong.

If you understand how the product works (at a level that allows you to configure it properly), you know that it is doing exactly that. It prevents malware from exploiting existing vulnerabilities. This protection can be applied to Windows itself as well as 3rd-party applications.

As with any security hardening, there is a substantial risk of compatibility issues. Testing and policy exclusions will be necessary in any real production environment

Re:

[sexconker]

EMET isn't worthless. It's good for forcing protections on sloppy shit and for enforcing certificate pinning.
You have to actively configure EMET for it to actually do anything worthwhile, though.

Re:

[EndlessNameless]

A mitigation offers protection against unpatched and unknown bugs.

This is especially important because most bugs are known for a significant period of time before a patch can be written and tested by the vendor. Even if Microsoft discovers a bug itself and patches it before CVE publication, it is still possible for an outside entity to have discovered and exploited that bug beforehand.

Also, some attackers are reverse engineering patches to develop malware. In most enterprises there is a noticeable gap betwe

Re:

[Ed Tice]

The purpose of EMET is not to prevent exploitation of vulnerabilities in Microsoft software. It's for helping you deal with third-party software that doesn't have their own mitigation techniques built-in. Microsoft has updated all of it's software years ago to enable everything that's in EMET. The reason for dropping EMET is that adversaries have gotten quite good at getting around the EMET protections. The recommendation is to move to Windows 10 where you get much better protection without the need to

Nothing new

[OneHundredAndTen]

Just another EMETic product from Microsoft. They excel at that.