Forgot your password?
typodupeerror
Microsoft Security Windows

Researchers Disarm Microsoft's EMET 33

Posted by timothy
from the slipping-through dept.
wiredmikey (1824622) writes "Security researchers have found a way to disable the protection systems provided by the latest version of Microsoft's Enhanced Mitigation Experience Toolkit (EMET), a software tool designed to prevent vulnerabilities from being exploited by using various mitigation technologies. Others have managed to bypass EMET in the past, but researchers from Offensive Security have focused on disarming EMET, rather than on bypassing mitigations, as this method gives an attacker the ability use generic shellcodes such as the ones generated by Metasploit. The researchers managed to disarm EMET and get a shell after finding a global variable in the .data section of the EMET.dll file. Initially, they only managed to get a shell by executing the exploit with a debugger attached, due to EMET's EAF checks. However, they've succeeded in getting a shell outside the debugger after disarming EAF with a method described by security researcher Piotr Bania in January 2012. The researchers tested their findings on Windows 7, Internet Explorer 8 and EMET 4.1 update 1."
This discussion has been archived. No new comments can be posted.

Researchers Disarm Microsoft's EMET

Comments Filter:
  • by Anonymous Coward on Thursday July 03, 2014 @03:58PM (#47379245)

    There is also the devil's advocate here: Every black hat, criminal organization, and national intel department is focusing on Microsoft's stuff with a passion, because a 0-day that is big enough could mean billions of revenue from extortion, blackmail, or just malicious mischief.

    Before Microsoft was the leader, people said the same exact stuff about Sun. They whined that Solaris had too many holes, talked about how slow the fixes came out, and so on.

    Microsoft has a lot of bad guys hunting them down every second of every day. Well heeled bad guys.

    I'm amazed that they don't get nailed more often with 0-days with all the pressure the bad guys can bring to bear.

Faith may be defined briefly as an illogical belief in the occurence of the improbable. - H. L. Mencken

Working...