As the everyday PC user has more and more software on their computer originating from vendors big and small, the likelihood of an exploitable vulnerability remaining unpatched is ever growing. The developers of your anti-virus software or the vulnerable program might not be able to patch the vulnerability as quickly as they get discovered, but there are some helpful tools to make these vulnerabilities as hard to exploit as possible. One of these tools is Microsoft EMET.
Microsoft EMET stands for Enhanced Mitigation Experience Toolkit, and it is a utility that helps preventing software vulnerabilities from being exploited. EMET is using security mitigation technologies to achieve this goal to make exploitation as difficult as possible, as a possible attacker will face extra obstacles to get through. It can be used with any software, regardless of when it was written and who the author or vendor is; it doesn’t need to be a software product of Microsoft.
EMET can be downloaded from the Microsoft TechNet page, and requires the Microsoft .NET Framework to operate, which can be downloaded from the Download section of Microsoft’s website. The latest version, EMET 4.0 has got a Certificate Trust feature to detect man-in-the-middle attacks leveraging the public key infrastructure.
After installing, EMET must be configured to protect the piece of software you want to be protected. For this, you need to provide the name of the program and its location on your PC. The above mentioned Certificate Trust will need you to provide the list of websites you want to protect. For a detailed introduction please visit www.microsoft.com/emet where you can download the latest version that comes with a detailed user guide.
