At least some of you IT pros probably were aware, but I had not realized that Microsoft, until its announcement on Nov. 3, was planning to drop EMET 5.5x support in January 2017 before the reprieve.
In a Nov. 3 blog post entitled "Moving Beyond EMET," Microsoft officials noted that the first version of EMET was introduced in 2009.
Back then, "despite substantial improvements in Windows OS security during that same period, it was clear that the way we shipped Windows at the time (3-4 years between major releases) was simply too slow to respond quickly to emerging threats. Our commercial customers were particularly exposed since it often took years to deploy new OS versions in large scale environments," said the Softies.
EMET was not an integrated part of Windows; it hooked into "low-level areas of the operating system". Microsoft did certify that EMET 5.5x could run on Windows 10, but "its effectiveness against modern exploit kits has not been demonstrated, especially in comparison to the many security innovations built in to Windows 10," the blog post said.
Microsoft officials say that by building security features directly into Windows 10 and offering supplementary Windows 10 services like Windows Defender Advanced Threat Protection, which are being updated regularly, there's no longer need for something like EMET.
"Windows 10 includes all of the mitigation features that EMET administrators have come to rely on such as DEP, ASLR, and Control Flow Guard (CFG) along with many new mitigations to prevent bypasses in UAC and exploits targeting the browser," officials said.