Microsoft updates EMET anti-hack tool

A new version of the Enhanced Mitigation Experience Toolkit mostly improves compatibility with applications software, and specifically with Java and Chrome.

Microsoft has released version 5.1 of EMET (the Enhanced Mitigation Experience Toolkit).

If you are using EMET 5.0 with Internet Explorer 11 on either Windows 7 or Windows 8.1 you want to apply this update soon. It addresses conflicts found with the November Internet Explorer security updates scheduled to be released tomorrow.

EMET is a tool which allows users or administrators to lock down the security of specific programs to a greater degree than is allowed by Windows and to opt in to security techniques not used by the developer of the software. These EMET techniques, or mitigations, block many of the methods used by malicious software and vulnerability exploits.

Version 5.1 fixes several bugs and application compatibility problems. The applications include Internet Explorer, Adobe Reader, Adobe Flash, and Mozilla Firefox. (These problems are to be expected with an aggressive tool like EMET and the main reason the tool is not part of Windows.) The new version also includes special configurations for Oracle Java 8 and Google Chrome and adds a "Local Telemetry" feature which allows the user to save memory dumps when a mitigation is triggered.

According to the Microsoft Security Research and Defense blog, the problems with the November IE updates relate to the EAF+ mitigation. This is Export Address Table Access Filtering Plus, which detects techniques used by malicious code to execute Windows APIs and access certain features of the execution environment. In lieu of updating to EMET 5.1, users can disable EMET+.