The enhanced Mitigation Experience Toolkit (EMET) is designed to help prevent hackers from gaining access to your system. The new EMET 4.0 (Beta) features provides a preview on what’s in store for the final version. Please note that this is a "Beta" release. It is not ready for wide enterprise deployment. The latest official EMET release, EMET V3, is ready for enterprise deployment.
Below is a summary of the features and changes that are included with the EMET 4.0 Beta release: • Certificate Trust: considering the raise of PKI-related attacks, we decided to implement a configurable SSL Certificate Pinning to try to detect Man in the Middle attacks that leverage SSL/TLS certificates. The Certificate Trust feature in EMET is rule-based and allows to pin a specific SSL/TLS certificate to a trusted Root Certificate Authority; • ROP mitigations and hardening: in the last Technical Preview release of EMET, we introduced some mitigations to try to stop ROP-based attacks by implementing some of the winner ideas of the BlueHat Prize contest. With this new EMET release we hardened the ROP and other mitigations to detect and stop novel attack techniques. For example EMET 4.0 beta is able to stop one ASLR/DEP bypass technique presented at this year’s CanSecWest; • Early Warning Program: this feature will allow EMET to send contextual data back to Microsoft, through the standard Windows Error Reporting channel, every time that an exploit has been detected and stopped. We are adding this feature to help us respond to new 0day exploits as soon as possible.
|