Some of EMET 5.5's features are now included by default with Windows 10, making the toolkit somewhat obsolete

Feb 3, 2016 17:23 GMT

Microsoft has announced the immediate availability of the Enhanced Mitigation Experience Toolkit (EMET) 5.5, a security tool designed to bolster Windows security.

Launched in 2009, EMET is a collection of security measures packed into a single toolkit, which Microsoft has offered as an optional download through its official website.

EMET works by watching internal Windows operations for known security exploits and blocking attacks on both the OS itself and third-party applications.

EMET can be used on its own, but various security vendors also leverage its features in their own products.

EMET 5.5 adds protection from the "untrusted fonts" attack

With the release of version 5.5, Microsoft has added official support for Windows 10, which it slowly started rolling out through 5.5 beta versions last summer.

Besides official Windows 10 compatibility, the stable version of EMET 5.5 also adds broader configuration options for dealing with mitigations via GPO (Group Policy Object), better support for writing mitigations to the Windows registry, and performance improvements to EAF/EAF+ pseudo-mitigation techniques.

Microsoft also added support for mitigating the well-known "untrusted fonts" attack, often leveraged in Web-based attacks to compromise computers and install malware.

Windows 10 already integrated some parts of EMET

It might seem strange that Microsoft didn't hurry to add Windows 10 support to EMET all this time, but the company has an explanation.

"With Windows 10 we have implemented many features and mitigations that can make EMET unnecessary on devices running Windows 10," the EMET team said. "EMET is most useful to help protect down-level systems, legacy applications, and to provide Control Flow Guard (CFG) protection for 3rd party software that may not yet be recompiled using CFG."

The Windows 10 security features that already cover some of EMET's functions include Device Guard (only on Windows 10 Enterprise), Control Flow Guard (CFG), and AppLocker.

In the past, security researchers have repeatedly found techniques to bypass EMET's security features.

The last ones to do so were researchers from Duo Labs (now Duo Security), who discovered that the WoW64 subsystem used to support old 32-bit executables on newer 64-bit platforms could be used as a temporary hiding spot for malware to avoid getting flagged by EMET.

EMET 5.5 is available from Softpedia or via Microsoft's official website.

UPDATE: Updated to highlight the fact that Device Guard is only available for Windows 10 Enterprise. Thanks, @Buddahfan.