
Attackers Can Turn Microsoft's Exploit Defense Tool EMET Against Itself (csoonline.com)

itwbennett writes: FireEye researchers have found a way for exploits to trigger a specific function in EMET that disables all protections it enforces for other applications. The researchers believe that their new technique, which essentially uses EMET against itself, is more reliable and easier to use than any previously published bypasses. It works against all supported versions of EMET — 5.0, 5.1 and 5.2 — but Microsoft patched the issue in EMET 5.5, which was released on Feb. 2. So if you haven't upgraded yet, now would be a good time to do it. For more about how the technique works, read FireEye's blog post.
  • by Anonymous Coward

    For just about everything that comes from Microsoft really is like an emetic.

  • by Virtucon ( 127420 ) on Wednesday February 24, 2016 @09:40AM (#51574625)

    The tool that prevents hacking has been hacked...

    • What other option was there? The anti-hack tool is there to safeguard the apps, next step is breaking through it and they figured it out. Luckily there's a fix.

      This is why software maintenance subscriptions make sense but that doesn't justify their high cost in most cases.

  • by DoofusOfDeath ( 636671 ) on Wednesday February 24, 2016 @09:49AM (#51574677)

    For the convenience of Microsoft's customers, the patch for the EMET exploit will also provide a FREE upgrade to Windows 10!

  • WTF, Microsoft? (Score:5, Insightful)

    by EndlessNameless ( 673105 ) on Wednesday February 24, 2016 @10:12AM (#51574783)

    EMET is a baseline requirement if you are focused at all on security.

    As with any security measure, it can cause issues with applications. Because of this, sane people are conservative in deploying new versions.

    The notes on the EMET 5.5 release and download pages mention this vulnerability nowhere.

    A critical flaw in a security tool is a very important thing to know about. This information should be prominent and obvious.

    I even checked the user guide in case it is buried somewhere, and there is not a hint of security-related bugfixes in there either.

    • by joshki ( 152061 )

      posting to undo accidental moderation.

    • Re: (Score:1, Interesting)

      by Gr8Apes ( 679165 )

      The whack-a-mole game of insecurity with MS goes on....

      Q: How do you secure a Windows system?
      A: Install another vendor's OS.

      • You sir are fitting to work as help desk for the rest of your life. In case you didn't notice yet, one size does not fit all. If you can figure that out then you have a fighting chance at becoming a good technology advisor which will open up many doors.

        • by Gr8Apes ( 679165 )

          You sir are fitting to work as help desk for the rest of your life. In case you didn't notice yet, one size does not fit all. If you can figure that out then you have a fighting chance at becoming a good technology advisor which will open up many doors.

          You may have just won a space on my journal page with that sanctimonious quote. It took me 10 minutes to recover enough from laughing just to post this reply.

    • by Anonymous Coward

      The notes on the EMET 5.5 release and download pages mention this vulnerability nowhere.

      It hasn't even been 24 hours since the blog post. I get jumping all over Microsoft for security issues, but I think letting the vendor have a I dunno... A DAY TO LOOK AT THE INFO seems fair.

      Or are you all over Linux security problems with the same zeal? Mint, glibc, etc.?

    • Re: (Score:3, Insightful)

      by gstoddart ( 321705 )

      Because of this, sane people are conservative in deploying new versions.

      Yeah, well, the problem with "new versions" of anything from Microsoft these days is they go to great lengths to not tell you what updates actually contain ... they all just say "this fixes issues with Windows", don't highlight that "well, we're really installing telemetry and other shit to force you to Windows 10". You have to go to great pains to find out what an update actually contains (for instance you can't read anything on their

      • by Anonymous Coward

        They did backpedal on this and start giving patch notes again.

        http://venturebeat.com/2016/02/09/microsoft-starts-publicly-sharing-windows-10-release-notes/
        http://windows.microsoft.com/en-us/windows-10/update-history-windows-10
