The one security tool every Windows user should know about: EMET

Every day, or so it seems, someone is trying to destroy your computer and obtain your personal data. The definitive fix for a software vulnerability is a vendor-supplied patch. But what do you do while you’re waiting for the patch?

The solution is Microsoft’s Enhanced Mitigation Experience Toolkit (EMET), a simple but powerful configuration utility that allows you to harden applications that weren’t originally designed to take advantage of Windows security features.

EMET offers a straightforward, clean interface that works identically across multiple Windows versions. It’s not a magic bullet, but it is an extremely potent addition to a thorough, in-depth approach to Windows security. EMET is distributed as a very small (4.7 MB) installer.

Hardware-enforced DEP blocks the execution of code in memory locations that should contain only data, such as the stack or the heap, preventing a common form of exploit. Using EMET, you can turn on DEP for applications that were not originally compiled to be compatible with the feature.

Installing Microsoft’s Enhanced Mitigation Experience Toolkit (EMET) is straightforward for individual Windows PCs, although Microsoft acknowledges that the current version is “not convenient” to deploy in an enterprise setting. On Windows XP and Windows Server 2003, you must first ensure that the Microsoft .NET Framework 2.0 is installed. There are no prerequisites for other supported Windows versions.

After downloading the installer package, log on using an administrator account and run EMET Setup.msi. A restart is not required. Then open the EMET application using its Start menu shortcut.

The EMET interface is divided into two parts. The top shows the system status; the bottom shows a list of running processes and whether they are currently running with EMET enabled. You can use EMET to adjust systemwide security settings. Click Configure System to display its dialog box. You can configure any of the three settings individually or use the drop-down menu at the top to apply preconfigured groups of settings.

It is not recommended to select the Maximum Security Settings option on Windows 7. For Windows XP, however, this option does make sense. Your XP options are more limited, because XP doesn’t support SEHOP or ASLR. Enabling DEP universally on XP is a smart idea.

For the default 32-bit versions of Internet Explorer, the executable file is C:\Program Files\Internet Explorer\Iexplore.exe [on 64-bit Windows installations, this file is in the Program Files (x86) folder]. For Adobe Reader, start in Program Files [or Program Files (x86) on a 64-bit Windows system]; the executable file, AcroRd32.exe, is typically in the Adobe\Reader subfolder (this folder name might include a version number as well). After you add an executable file, it appears in the Application Configuration dialog box, where you can enable or disable specific mitigations. By default, all options for a given process are selected.

To view the security status of programs, open the main EMET UI and look in the Running Processes list. If you’ve just added a program, you might have to close and restart it, then click the Refresh button to the right of the Running Processes heading. Click the Running EMET heading to sort the list so that all EMET-enabled apps are grouped together.  
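
Whether an application was built to opt in to DEP or ASLR is recorded in its PE header, so one way to pick executables worth adding to EMET is to read those flags. The following Python script is an added example, not part of the original article or of EMET; its function names and the header-only sample image are constructed for illustration.

```python
import struct

# DllCharacteristics bits set by the linker (values from the PE/COFF format).
NX_COMPAT = 0x0100      # /NXCOMPAT: image opted in to DEP
DYNAMIC_BASE = 0x0040   # /DYNAMICBASE: image opted in to ASLR

def pe_optins(data: bytes) -> dict:
    """Return the DEP/ASLR opt-in flags recorded in a PE image's headers."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    # Optional header starts after the 4-byte signature and 20-byte COFF header.
    opt = e_lfanew + 24
    if len(data) < opt + 72 or data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing or truncated PE header")
    (magic,) = struct.unpack_from("<H", data, opt)
    if magic not in (0x10B, 0x20B):          # PE32 or PE32+
        raise ValueError("unknown optional header magic")
    # DllCharacteristics sits at offset 70 in both PE32 and PE32+.
    (flags,) = struct.unpack_from("<H", data, opt + 70)
    return {"dep": bool(flags & NX_COMPAT), "aslr": bool(flags & DYNAMIC_BASE)}

def needs_emet(data: bytes) -> list:
    """List the mitigations the image did not opt in to at build time."""
    return [name for name, on in pe_optins(data).items() if not on]

def sample_pe(flags: int, magic: int = 0x10B) -> bytes:
    """Build a minimal header-only image (constructed input, not a real binary)."""
    buf = bytearray(0x80 + 24 + 72)
    buf[:2] = b"MZ"
    struct.pack_into("<I", buf, 0x3C, 0x80)             # e_lfanew
    buf[0x80:0x84] = b"PE\0\0"
    struct.pack_into("<H", buf, 0x80 + 24, magic)       # optional header magic
    struct.pack_into("<H", buf, 0x80 + 24 + 70, flags)  # DllCharacteristics
    return bytes(buf)

if __name__ == "__main__":
    import sys
    # Usage: python script.py <path to .exe> [...]; the headers fit in 4 KB.
    for path in sys.argv[1:]:
        with open(path, "rb") as fh:
            missing = needs_emet(fh.read(4096))
        print(path, "missing opt-in:", ", ".join(missing) or "none")
```

An executable reported as missing an opt-in is a candidate for the Application Configuration list; the flags describe only how the file was built, not the mitigations currently applied to a running process.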