Exploit Protection Toolkit EMET

Currently the hacker conference Black Hat is taking place. Some interesting security issues get discussed and demonstrated; those are covered by most computer media already. What went past nearly unnoticed is a toolkit which Microsoft wants to release in August: the Enhanced Mitigation Experience Toolkit (EMET).

It is meant to bring newer security mitigations like Address Space Layout Randomization (ASLR), Data Execution Prevention (DEP), Structured Error Handling Overwrite Protection (SEHOP), Anti-Heap-Spraying techniques and Export Address Table (EAT) protection for kernel32.dll and ntdll.dll, among others, to older platforms and third party software. This will help to complicate the exploitation of vulnerabilities in that software.

This sounds indeed very promising; the tool will have to proof its capabilities when it is available. IT professionals and administrators might want to take a closer look at it.

Dirk Knop
Technical Editor