EMET 5.0 has some major changes and was not as easy as previous versions to configure. Many apps crashed. I spent a lot of time testing and reading about problems with it. Here's what's good to know:
- The setting Deep Hooks under Configuration of Apps, has due to compatibility issues always been disabled by default in previous EMET versions. Now it's on by default, but that doesn't mean it'll work on every system
- EAF isn't compatible with some programs
- Crashes that don't give alerts from EMET might be caused by the mitigation StackPivot. It's been modified in 5.0, so it might not be compatible for some programs anymore
- New mitigation ASR blocks certain plug-ins from being loaded, sometimes with exceptions from defined Internet Zones (Trusted Sites, Local Intranet)
- New mitigation EAF+ blocks some memory read operations commonly used as information leaks
ASR and EAF+ are advanced settings that come predefined for some MS applications when importing settings for the Recommended Software or Popular Software list. There's a bug that if you disable and re-enable any of these two new mitigations, the settings for it is deleted.