14 DAY TRIAL // Security researchers from Bromium have been analyzing Microsoft’s Enhanced Mitigation Experience Toolkit (EMET), a free tool that’s designed to help Windows users enhance the security of third-party software.
Experts say that EMET is vulnerable to custom-built exploits that attackers can use to bypass the protections offered in the tool.
“EMET is a viable personal and corporate defense add-on, but given other researchers have found EMET bypasses before, we sought to understand how EMET is vulnerable to the presence of novel exploits,” said Rahul Kashyap, chief security architect and head of security research at Bromium.
“We want users to better understand the facts when making a decision about which PC protections to use. We conducted this research within Bromium Labs to further enhance EMET-like exploit mitigation tools so we as an industry can come together to better protect against future exploitation vectors.”
Bromium has published a whitepaper that contains the technical details. Jared DeMott, principal security researcher with the company, is presenting the findings today, February 24, at BSides San Francisco.
Update. Microsoft has released a new version of EMET. The latest release is reportedly not vulnerable to the attack demonstrated by Bromium.