Enhanced Mitigation Experience Toolkit 2.0 advice sought

Page 1 of 2 12 LastLast

  1. Posts : 10,200
    MS Windows 7 Ultimate SP1 64-bit
       #1

    Enhanced Mitigation Experience Toolkit 2.0 advice sought


    I would be interested in hearing any suggestions/experiences using the Enhanced Mitigation Experience Toolkit.

    Which apps should be added to the app list?

    I have Win 7 Ultimate and am not running any "legacy" programs of which I am aware,

    I'm just getting started using EMET.

    The concept of EMET impresses me but I'm interested in real-world, practical experiences with EMET.

    thanks, karl
      My Computer


  2. Posts : 10,994
    Win 7 Pro 64-bit
       #2

    I had some issues trying to run various browser apps with EMET installed. Shawn has a nice tut as well as some user comments.

    Enhanced Mitigation Experience Toolkit (EMET)

    https://www.sevenforums.com/1183094-post17.html
      My Computer


  3. Posts : 10,200
    MS Windows 7 Ultimate SP1 64-bit
    Thread Starter
       #3

    marsmimar,
    Thanks for the links. I didn't know that Shawn had written a tutorial on it.

    Despite all of the reading I've done aqt the MS sites, I still find there are too many unanswered questions from the user's perspective.

    I don't use IE so haven't encountered ie9 problems.

    Will start adding some apps and see if it complains.

    With "system" set to max, so far I've had no problems, although have some peculiar behaviour using JouleMeter from research.microsoft.com but that could very well be due to the "alpha" level of that program.

    I like the idea of the joulemeter and it does show the influence of varying monitor brightness on power consumption, although I don't trust the numerical accuracy of the wattage values.

    karl
      My Computer


  4. Posts : 18,404
    Windows 7 Ultimate x64 SP1
       #4

    Haven't seen any problems with it since using it, other than having to uncheck EAF (Export Address Table Access Filtering) for Dropbox, as it wouldn't let it run without that unchecked.

    Some of the processes I have it configured for atm.

    Enhanced Mitigation Experience Toolkit 2.0 advice sought-capture.jpg

    Here is a little email I shot off to them a month ago about some questions I had. You could always send them off something just like I did and see if you can get anymore info on it.

    Hi,

    I'm just starting to look into using EMET 2.0.0.3 for myself on my personal Windows 7 x64 system, and I have a couple questions regarding the Configure System settings.

    For instance, when choosing the Maximum Security Settings which lists as:

    DEP Always On
    SEHOP Application Opt Out
    ASLR Application Opt In

    Why is SEHOP listed as Application Opt Out? Does this mean that no processes will be using it? Should it be set to Opt In to be used by processes?

    Also, if choosing one of the Configure System settings, does this apply to all processes and .exe running at any given time? If so, why does it not show any of the running processes marked off under Running EMET on the EMET GUI?

    Or does one have to add each process under Configure Apps section also?


    Any clarification on this would be appreciated. Thank your for your time.

    Regards,
    Hello Aaron,

    Application opt-out means that the application will opt-in always unless it explicitly says it does not want to have this mitigation.
    Please note ASLR opt-out is not present as an option by default (please refer to the user guide in order to have that option) since it has some compatibility issues with some programs.

    EMET also provides some extra mitigations such as Mandatory ASLR, EAT Filtering ,etc. In order to opt-in applications into these you have to configure them through the GUI. Please refer to section 2.3 at the User guide for detailed steps on how to do this.

    Thank you,

    -
    Fermin J. Serna
    MSRC Engineering (REACT)
      My Computer


  5. Posts : 826
    Windows 7 Professional 64 Bit SP1
       #5

    All of the programs I added to the emit list work perfectly, I didn't need to un-check any of the protection options.

    On a side note though, I did have to leave hardware dept as 'opt-out' since leaving hardware dept as forced caused my computer lag. Well, opt-out is better than opt-in, at at least now all my apps (cept a few core system processes) use hardware DEP (they didn't before.)

    karlsnooks said:
    I would be interested in hearing any suggestions/experiences using the Enhanced Mitigation Experience Toolkit.
      My Computer


  6. Posts : 112
    7
       #6

    Tried it here a while and won't bother using it as I found it be less than beneficial.

    Some of the Wilders folks reckon it's OK.
    EMET - A new Windows security mitigation toolkit - Wilders Security Forums
      My Computer


  7. Posts : 10,200
    MS Windows 7 Ultimate SP1 64-bit
    Thread Starter
       #7

    Progress report:
    Have not been able to "break" emet.

    Have not added all apps yet but majority have been added.

    Have not had to uncheck any of the components on any of the apps.

    Have not tried Belarc or PSI or RevoUninstaller yet.

    karl
      My Computer


  8. Posts : 112
    7
       #8

    karlsnooks said:
    Progress report:
    Have not been able to "break" emet.
    What is emet supposed to protect?

    Enhanced Mitigation Experience Toolkit 2.0 advice sought-em.jpg

    Enhanced Mitigation Experience Toolkit 2.0 advice sought-emet2.jpg

    Enhanced Mitigation Experience Toolkit 2.0 advice sought-reg.jpg

    Enhanced Mitigation Experience Toolkit 2.0 advice sought-tm.jpg
      My Computer


  9. Posts : 10,994
    Win 7 Pro 64-bit
       #9

    Are you running an anti-malware program called Security Tool or are these pop-ups that suddenly appeared? If these Security Tool notices are pop-ups then Security Tool is probably the malware.
      My Computer


  10. Posts : 112
    7
       #10

    Security Tool is an exe killing rogue security app.

    I added Regedit, Task Manager and Notepad to Emet's protection but Security Tool still killed em.

    Emet's gui was killed as well.
      My Computer


 
Page 1 of 2 12 LastLast

  Related Discussions
Our Sites
Site Links
About Us
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 21:41.
Find Us