Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Enhanced Mitigation Experience Toolkit 2.0 advice sought


17 Jan 2011   #1

MS Windows 7 Ultimate SP1 64-bit
 
 
Enhanced Mitigation Experience Toolkit 2.0 advice sought

I would be interested in hearing any suggestions/experiences using the Enhanced Mitigation Experience Toolkit.

Which apps should be added to the app list?

I have Win 7 Ultimate and am not running any "legacy" programs of which I am aware,

I'm just getting started using EMET.

The concept of EMET impresses me but I'm interested in real-world, practical experiences with EMET.

thanks, karl

My System SpecsSystem Spec
.

17 Jan 2011   #2

Microsoft Community Contributor Award Recipient

Win 7 Pro 64-bit
 
 

I had some issues trying to run various browser apps with EMET installed. Shawn has a nice tut as well as some user comments.

Enhanced Mitigation Experience Toolkit (EMET)

Enhanced Mitigation Experience Toolkit (EMET)
My System SpecsSystem Spec
17 Jan 2011   #3

MS Windows 7 Ultimate SP1 64-bit
 
 

marsmimar,
Thanks for the links. I didn't know that Shawn had written a tutorial on it.

Despite all of the reading I've done aqt the MS sites, I still find there are too many unanswered questions from the user's perspective.

I don't use IE so haven't encountered ie9 problems.

Will start adding some apps and see if it complains.

With "system" set to max, so far I've had no problems, although have some peculiar behaviour using JouleMeter from research.microsoft.com but that could very well be due to the "alpha" level of that program.

I like the idea of the joulemeter and it does show the influence of varying monitor brightness on power consumption, although I don't trust the numerical accuracy of the wattage values.

karl
My System SpecsSystem Spec
.


17 Jan 2011   #4

Windows 7 Ultimate x64 SP1
 
 

Haven't seen any problems with it since using it, other than having to uncheck EAF (Export Address Table Access Filtering) for Dropbox, as it wouldn't let it run without that unchecked.

Some of the processes I have it configured for atm.

Enhanced Mitigation Experience Toolkit 2.0 advice sought-capture.jpg

Here is a little email I shot off to them a month ago about some questions I had. You could always send them off something just like I did and see if you can get anymore info on it.

Quote:
Hi,

I'm just starting to look into using EMET 2.0.0.3 for myself on my personal Windows 7 x64 system, and I have a couple questions regarding the Configure System settings.

For instance, when choosing the Maximum Security Settings which lists as:

DEP Always On
SEHOP Application Opt Out
ASLR Application Opt In

Why is SEHOP listed as Application Opt Out? Does this mean that no processes will be using it? Should it be set to Opt In to be used by processes?

Also, if choosing one of the Configure System settings, does this apply to all processes and .exe running at any given time? If so, why does it not show any of the running processes marked off under Running EMET on the EMET GUI?

Or does one have to add each process under Configure Apps section also?


Any clarification on this would be appreciated. Thank your for your time.

Regards,
Quote:
Hello Aaron,

Application opt-out means that the application will opt-in always unless it explicitly says it does not want to have this mitigation.
Please note ASLR opt-out is not present as an option by default (please refer to the user guide in order to have that option) since it has some compatibility issues with some programs.

EMET also provides some extra mitigations such as Mandatory ASLR, EAT Filtering ,etc. In order to opt-in applications into these you have to configure them through the GUI. Please refer to section 2.3 at the User guide for detailed steps on how to do this.

Thank you,

-
Fermin J. Serna
MSRC Engineering (REACT)


My System SpecsSystem Spec
17 Jan 2011   #5

Windows 7 Professional 64 Bit SP1
 
 

All of the programs I added to the emit list work perfectly, I didn't need to un-check any of the protection options.

On a side note though, I did have to leave hardware dept as 'opt-out' since leaving hardware dept as forced caused my computer lag. Well, opt-out is better than opt-in, at at least now all my apps (cept a few core system processes) use hardware DEP (they didn't before.)

Quote   Quote: Originally Posted by karlsnooks View Post
I would be interested in hearing any suggestions/experiences using the Enhanced Mitigation Experience Toolkit.
My System SpecsSystem Spec
17 Jan 2011   #6

 
 

Tried it here a while and won't bother using it as I found it be less than beneficial.

Some of the Wilders folks reckon it's OK.
EMET - A new Windows security mitigation toolkit - Wilders Security Forums
My System SpecsSystem Spec
17 Jan 2011   #7

MS Windows 7 Ultimate SP1 64-bit
 
 

Progress report:
Have not been able to "break" emet.

Have not added all apps yet but majority have been added.

Have not had to uncheck any of the components on any of the apps.

Have not tried Belarc or PSI or RevoUninstaller yet.

karl
My System SpecsSystem Spec
17 Jan 2011   #8

 
 

Quote   Quote: Originally Posted by karlsnooks View Post
Progress report:
Have not been able to "break" emet.
What is emet supposed to protect?

Name:  em.JPG
Views: 11
Size:  19.3 KB

Name:  emet2.JPG
Views: 12
Size:  25.3 KB

Name:  reg.JPG
Views: 11
Size:  25.6 KB

Name:  tm.JPG
Views: 10
Size:  22.9 KB


My System SpecsSystem Spec
17 Jan 2011   #9

Microsoft Community Contributor Award Recipient

Win 7 Pro 64-bit
 
 

Are you running an anti-malware program called Security Tool or are these pop-ups that suddenly appeared? If these Security Tool notices are pop-ups then Security Tool is probably the malware.
My System SpecsSystem Spec
17 Jan 2011   #10

 
 

Security Tool is an exe killing rogue security app.

I added Regedit, Task Manager and Notepad to Emet's protection but Security Tool still killed em.

Emet's gui was killed as well.
My System SpecsSystem Spec
Reply

 Enhanced Mitigation Experience Toolkit 2.0 advice sought




Thread Tools



Similar help and support threads for2: Enhanced Mitigation Experience Toolkit 2.0 advice sought
Thread Forum
Enhanced Mitigation Experience Toolkit (EMET) Tutorials
Solved How do we use the Enhanced Mitigation Toolbar? System Security
ESD precautions advice being sought. Hardware & Devices
Advice sought General Discussion
Improve Web User Experience with IIS SEO Toolkit RTW an News
Advice sought... Hardware & Devices

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 05:07 AM.
Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App
  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33