Attackers Can Turn Microsoft's Exploit Defense Tool EMET Against Itself (csoonline.com)
itwbennett writes: FireEye researchers have found a way for exploits to trigger a specific function in EMET that disables all protections it enforces for other applications. The researchers believe that their new technique, which essentially uses EMET against itself, is more reliable and easier to use than any previously published bypasses. It works against all supported versions of EMET — 5.0, 5.1 and 5.2 — but Microsoft patched the issue in EMET 5.5, which was released on Feb. 2. So if you haven't upgraded yet, now would be a good time to do it. For more about how the technique works, read FireEye's blog post.
Good name (Score:1)
For just about everything that comes from Microsoft really is like an emetic.
Monty Pythonesque (Score:3)
The tool that prevents hacking has been hacked...
Re: (Score:2)
What other option was there? The anti hack tool is there to safeguard the apps, next step is breaking through it and they figured it out. Luckily there's a fix.
This is why software maintenance subscriptions make sense but that doesn't justify their high cost in most cases.
HUGE patch download! (Score:4, Funny)
For the convenience of Microsoft's customers, the patch for the EMET exploit will also provide a FREE upgrade to Windows 10!
Re:HUGE patch download! (Score:4, Funny)
with ask.com as your default home page and chrome as your browser? Win!
Re: (Score:1)
with ask.com as your default home page and chrome as your browser? Win!
Except with Microsoft, you won't have a choice!
WTF, Microsoft? (Score:5, Insightful)
EMET is a baseline requirement if you are focused at all on security.
As with any security measure, it can cause issues with applications. Because of this, sane people are conservative in deploying new versions.
The notes on the EMET 5.5 release and download pages mention this vulnerability nowhere.
A critical flaw in a security tool is a very important thing to know about. This information should be prominent and obvious.
I even checked the user guide in case it is buried somewhere, and there is not a hint of security-related bugfixes in there either.
Re: (Score:2)
posting to undo accidental moderation.
Re: (Score:1, Interesting)
The whack-a-mole game of insecurity with MS goes on....
Q: How do you secure a windows system?
A: Install another vendor's OS.
Re: (Score:2)
You sir are fitting to work as help desk for the rest of your life. In case you didn't notice yet, one size does not fit all. If you can figure that out then you have a fighting chance at becoming a good technology advisor which will open up many doors.
Re: (Score:1)
You sir are fitting to work as help desk for the rest of your life. In case you didn't notice yet, one size does not fit all. If you can figure that out then you have a fighting chance at becoming a good technology advisor which will open up many doors.
You may have just won a space on my journal page with that sanctimonious quote. It took me 10 minutes to recover enough from laughing just to post this reply.
Re: (Score:2)
Happy I could help.
Re: (Score:1)
The notes on the EMET 5.5 release and download pages mention this vulnerability nowhere.
It hasn't even been 24 hours since the blog post. I get jumping all over Microsoft for security issues, but I think letting the vendor have a I dunno... A DAY TO LOOK AT THE INFO seems fair.
Or are you all over Linux security problems with the same zeal? Mint, glibc, etc?
Re: (Score:3, Insightful)
Yeah, well, the problem with "new versions" of anything from Microsoft these days is they go to great lengths to not tell you what updates actually contain ... they all just say "this fixes issues with Windows", don't highlight that "well, we're really installing telemetry and other shit to force you to Windows 10". You have to go to great pains to find out what an update actually contains (for instance you can't read anything on their
Re: (Score:1)
They did backpedal on this and start giving patch notes again.
http://venturebeat.com/2016/02/09/microsoft-starts-publicly-sharing-windows-10-release-notes/
http://windows.microsoft.com/en-us/windows-10/update-history-windows-10
Re: (Score:2)
Enjoy the computer game OS and consider more secure options for all other computer related tasks.
All you have to do is delete the first 'E'... (Score:2)
...then "EMET" becomes "MET".
https://en.wikipedia.org/wiki/... [wikipedia.org]
Re: (Score:2)
Tell them to disable EAF+ for Firefox.
Not sure about Notepad++.
EMET kills Outlook when Outlook opens up malicious email. You can either disable EMET for Outlook or you can risk getting #REKT.