Friday, October 15, 2010

Windows hardening: EMET

EMET (Microsoft's Enhanced Mitigation Experience Toolkit) is a tool that enables the security features that are not enabled by default on the applications. Unfortunately, Windows leaves the applications choose which security features should be enabled by setting specific flags, so many attacks can succeed  even though the security protections are enabled in the operative system.

In a nutshell, EMET is a DLL that permits to enable the security features in runtime, for applications that were compiled without it, like DEP (Data Execution Prevention) and ASLR (Address Layout Space Randomization).

You can find more information about this tool as well as examples in this article from H Security.



No comments:

Post a Comment