|17 Jun 2013||#1|
| || |
EMET 4.0 now available for download
We are pleased to announce that the final release of version 4.0 of the Enhanced Mitigation Experience Toolkit, best known as EMET, is now finally available for download. You can download it from Download Enhanced Mitigation Experience Toolkit 4.0 from Official Microsoft Download Center.
We already mentioned some of the new features introduced in EMET 4: Certificate Trust, mitigations improvement hardening, and the Early Warning Program. During our beta period we added new features and solved application compatibility issues that have been reported both externally and internally. Below is a summary of the changes and enhancements:
Redesigned User Interface: We realized that with the addition of the new features introduced in EMET 4.0 Beta, the old graphical user interface was not as effective and easy to use. For this reason, we decided to re-design EMETís GUI to facilitate and streamline the configuration operations. We also added the possibility to select the look-and-feel of EMET from a set of skins that we included. Finally, the new user interface is accessible and will change automatically according to your system settings:
Configuration Wizard: We know that configuration can be challenging when installing EMET for the first time. In EMET 3.0 we added the Protection Profiles, which were used to facilitate the initial configuration for applications. With EMET 4.0 we are introducing a Configuration Wizard that will automatically configure EMET with a standard set of SSL certificate pinning rules as well as a list of applications to protect. It also can preserve existing EMET 3.0 settings, and gives the possibility to add standard configuration for the new features. The Configuration Wizard will start automatically during EMETís installation and can also be accessed, at any time, from EMET GUI. Advanced users can choose to apply a standard configuration through the Configuration Wizard and then customize EMETís configuration afterwards according to their needs.
Changes in Certificate Trust: We made a few changes to the Certificate Trust feature, based on usersí feedback, further internal investigation, and partnership with third party online services. We added a new exception to the SSL certificate pinning rules that if enabled will make EMET verify just the Public Key component of the Root CAs present in the rule without matching subject name and serial number. Additionally, we made the Certificate Trust feature available on 64-bit versions of Internet Explorer. Finally, we added to the previous default rules for Microsoft online services new rules also for Twitter, Facebook, and Yahoo!.
Updated Group Policy profiles: Enterprise customers will notice that we updated our Group Policy profiles to include not only the ability to configure system and application mitigations, but also the reporting mechanisms, the advanced mitigation configurations, and the exploit action.
If you have EMET 4.0 Beta or EMET 3.5 Technical Preview installed on the system, you will need to uninstall them before installing EMET 4.0, and you will need to remove EMETís configuration from the registry, by deleting the registry hives HKLM\Software\Microsoft\EMET and, if existing, HKLM\Software\Policies\Microsoft\EMET. If you have EMET 3.0 installed on the system, you donít need to uninstall it before installing EMET 4.0. The previous version will be uninstalled and at the end of the installation youíll have the opportunity to migrate the existing settings or to reset EMET configuration with the new default settings.
We want to thank those of you that downloaded EMET 4.0 Beta in the past two months and that provided valuable feedback that greatly helped us finalize EMET 4.0. In particular, we want to thank the Yang Yu from NSFocus security team that reported a technique that allowed to bypass EMETís protections, and Adam Langley and Cem Paya from Google for feedback on the Certificate Trust feature. As said, we received many, many emails, and it would be impossible to name all the people that provided feedback for EMET 4.0 Beta. You know who you are, and we really appreciated your effort in testing EMET and reaching out to us to provide feedback. Again, thank you!
We truly hope that you enjoy all the new features that we introduced in EMET 4.0. We will continue working on improving EMET to provide better and better protections against internet attacks for customers and to make it even more user friendly and easy to use.
See also: Enhanced Mitigation Experience Toolkit (EMET)
|My System Specs|
|18 Jun 2013||#3|
| || |
Well, there are couple of changes in the final EMET 4.0. The interface is different and it broke IE10, both the 32 and 64-bit versions. In addition to event ID 1000 error message in the logs, IE gives this error message:
And after couple of "Internet Explorer stopped working..." messages, it displays this:
The website in question has no problems, it opens up just fine with Firefox or Opera, both of them have been added to EMET for additional protection against malware.
I'll uninstall EMET 4.0 and if that does not fix the issue, restore the image that had been created just prior to installing the final version of EMET.
You may want to create an image as well, prior to installing EMET 4.0...
|My System Specs|
|Similar help and support threads for2: EMET 4.0 now available for download|
|EMET-is it worth installing?||System Security|
|Emet 3.0.0||Performance & Maintenance|
|Which programs should EMET monitor?||System Security|
|EMET installation option||System Security|
|New version of EMET is now available||Security News|
|Our Sites ||Site Links ||About Us ||Find Us |
© Designer Media Ltd
All times are GMT -5. The time now is 12:41 PM.