Daily Archives: February 21, 2016

Microsoft Releases EMET 5.5

====================
Update: 11th July 2017:
As noted in a new blog post, an upcoming update to Windows 10 will contain some features of EMET. Further details are available in the above mentioned blog post.

Thank you.
====================

====================
Update: 14th March 2017:
Since my last update of this post EMET was updated to version 5.52 to resolve the following issues:

  • An issue with the EAF mitigation that causes some applications to hang on Windows 7 SP1.
  • A fix to the MSI installer to allow in-place upgrade behavior.
  • Removed EAF+ mitigation for Chrome from “Popular Software.xml”
  • Fixed import behavior for System Mitigations.

Thank you.

====================
Update: 17th November 2016:
====================
Please note that Microsoft EMET is in the process of being retired with the end of support scheduled for the 31st of July 2018. Further details are available in this blog post.

However Microsoft updated EMET in August 2016 to version 5.51 which incorporates the following minor changes:

  • EMET 5.5 GUI crashing on startup
  • Unexpected BitLocker warning in EMET 5.5 when changing system-wide DEP setting

Further details on EMETs mitigations as well known compatibility issues are listed in this article. A more detailed forum thread on this topic is available here.

Thank you.
====================

====================
Update: 17th November 2016:
Please note that Microsoft EMET is in the process of being retired with the end of support scheduled for the 31st of July 2018. Further details are available in this blog post.

However Microsoft updated EMET in August 2016 to version 5.51 which incorporates the following minor changes:

  • EMET 5.5 GUI crashing on startup
  • Unexpected BitLocker warning in EMET 5.5 when changing system-wide DEP setting

Further details on EMETs mitigations as well known compatibility issues are listed in this article. A more detailed forum thread on this topic is available here.

Thank you.
====================

Update 23rd February 2016:
According to this FireEye blog post EMET 5.5 also addresses a critical security vulnerability that was responsibly disclosed (defined) to Microsoft.

As mentioned below, if you use a version of EMET prior to version 5.5, please use the links provided to install version 5.5. as soon as possible. Thank you.

Update 3rd April 2016:
As discussed in a more recent blog post the Untrusted font mitigation of EMET 5.5 is now used by Google Chrome when installed on Windows 10 (with the November 2015 update). Thank you.

=======================
Original Post:
=======================
In early February Microsoft released version 5.5 of their Enhanced Mitigation Experience Toolkit (EMET).

This is an important update for users of Windows 10 since it adds full compatibility with that version of Windows in contrast to the previous 5.2 version of EMET. The full list of changes in this new version is available in this Microsoft blog post.

In addition, this version adds a noteworthy enhancement for Windows 10 users that blocks exploit that use font files stored in any directory (folder) in order to gain additional privileges when either remotely or locally (already have a presence) attacking your system. All fonts not stored in the %windir%/Fonts directory will not be loaded. If you are currently using an older version of EMET, please consider upgrading to EMET 5.5 to take advantage of the enhancements in this update. Further resources concerning installation, use and obtaining support for EMET are available on the Protecting Your PC page of this blog.

Please note that in order to migrate previous EMET settings to version 5.5 Microsoft have provided a PowerShell script to do so. Instructions for using this script to migrate the settings are available on page 33 and 36 of the EMET 5.5 users guide.

Thank you.

Google Releases Further Security Update for Chrome (Feb 2016)

Last week Google released an update for Google Chrome bringing it to version 48.0.2564.116. This update addresses a single critical security issues (this issue has been assigned a CVE (defined)).

Google Chrome updates automatically and will apply the update the next time Chrome is closed and then re-opened. Chrome can also be updated immediately by clicking the Options button (it looks like 3 stacked small horizontal lines) in the upper right corner of the window and choosing “About Google Chrome” from the menu. Follow the prompt to Re-launch Chrome for the update to take effect.

As always full details of the update were made available by Google in a blog post. If you use Google Chrome as your web browser, please consider updating it as soon as possible. Thank you.