Slashdot is powered by your submissions, so send in your scoop

 



Forgot your password?
typodupeerror
Microsoft Operating Systems Security Software Windows

Microsoft Bringing EMET Back As a Built-In Part of Windows 10 (arstechnica.com) 49

An anonymous reader quotes a report from Ars Technica: The Windows 10 Fall Creators Update will include EMET-like capabilities managed through a new feature called Windows Defender Exploit Guard. Microsoft's EMET, the Enhanced Mitigation Experience Toolkit, was a useful tool for hardening Windows systems. It used a range of techniques -- some built in to Windows, some part of EMET itself -- to make exploitable security flaws harder to reliably exploit. The idea being that, even if coding bugs should occur, turning those bugs into actual security issues should be made as difficult as possible. With Windows 10, however, EMET's development was essentially cancelled. But as more mitigation capabilities have been put into Windows, the need for a system for managing and controlling them has not gone away. Some of the mitigations introduce application compatibility issues -- a few even require applications to be deliberately written with the mitigation in mind -- which means that Windows does not simply turn on every mitigation for every application. It's here that Exploit Guard comes in.
This discussion has been archived. No new comments can be posted.

Microsoft Bringing EMET Back As a Built-In Part of Windows 10

Comments Filter:
  • by Anonymous Coward
    Is there a tool to harden Windows 10 against intrusions by Microsoft into your privacy?
    • Yes, it's called Linux! Wipe out Mickey$oft completely, including MS Office, and install a solid Distro such as Debian, and LibreOffice!
  • Like just about everything from Microsoft.
  • All the worms, ransomware, and malware that gets widespread exposure and ends up loaded on millons of vectors is ALWAYS WINDOWS. Seriously. If you use Windows as a server platform you are an idiot. Rationalize all you want, but in the end we can lay this at the feet of the operator's choice of OS.

    Are there hacks, exploits, and malware for other operating systems? Sure! However, consider that these full-p3wnd remote exploits seem to get released as zero day at least once a year for Windows OS's and often
    • if Linux had the market share of all windows versions then we'd be seeing more exploits for Linux. As Willie Sutton allegedly said "it's where the money is"
      • "it's where the money is"

        Given this statement, why haven't we seen widespread ransomware deployed to what the Internet is essentially made of (Linux servers)? I mean, that's where the *real* money is. Why go after petty consumers for $300 a pop when you could go after a ton of wealthy corporations that have real money at stake by losing millions of ecommerce dollars an hour, running their businesses on Linux server farms?

        • as long as the primary entry point involves things like opening emails and clicking attachments, things that don't usually happen on servers, it's a lot easier to target the average consumer.
        • by tlhIngan ( 30335 )

          Given this statement, why haven't we seen widespread ransomware deployed to what the Internet is essentially made of (Linux servers)? I mean, that's where the *real* money is. Why go after petty consumers for $300 a pop when you could go after a ton of wealthy corporations that have real money at stake by losing millions of ecommerce dollars an hour, running their businesses on Linux server farms?

          Because the companies that make millions per hour in e-commerce spend money on security. Those that don't, don't

    • All the worms, ransomware, and malware that gets widespread exposure and ends up loaded on millons of vectors is ALWAYS WINDOWS.

      Except for little things, like heartbleed [wikipedia.org]?

      When was the last time you saw a remote root exploit for SSH?

      2001 [itworld.com]

      2013 [sophos.com]

      • by tangent ( 3677 )

        Neither of the OpenSSH exploits you link to is a remote root exploit. When exploited, both only give the attacker the privileges of the authenticated user.

        The 2001 exploit only works against accounts with passwords of 2 characters or less, which are trivially brute-forceable anyway. Calling this an "exploit" is like pointing out that a tissue paper door is even weaker if you have a spray bottle with you.

        The 2013 exploit is very difficult to take advantage of, and isn't very worrying even so. First, an attac

  • by Torodung ( 31985 ) on Tuesday June 27, 2017 @06:03PM (#54701281) Journal

    So the question is, since it's called "Defender," do you need to run their lukewarm, signature-based Defender antivirus to use the EMET features? Because that would be a deal-breaker for me.

    • I'm sure you can install burning hot Mcafee too if you wish. Burning hot being what your CPU will be wherever you install it.

  • Mitigation experience? Seriously?

    Isn't an "experience" just something that happens to you and isn't really under your control?

Lo! Men have become the tool of their tools. -- Henry David Thoreau

Working...