Microsoft’s Enhanced Mitigation Experience Toolkit (EMET) is targeted toward system administrators, but the How-To Geek explains how you can use it to secure your personal Windows system as well.
You can find the toolkit, as well as a user’s guide, here on Microsoft’s web site (on the right-hand side). Once you download and install it, select the “Use Recommended Settings” option. This will enable settings that automatically provide protection for the most commonly exploited programs on your Windows machine, including Internet Explorer, Microsoft Office, Adobe Reader and Java. If you want to protect the rest of your software, you can do that too. You can import a file that covers popular applications in the top left menu marked “Import”, and you can even make your own rules to customise your protection for other applications.
So, how does EMET “protect” your applications? It uses something called Data Execution Prevention (DEP), which allows the system to mark specific sections of memory as non-executable data. An attacker would not be able to run code in these sectors because the system has it locked down. Another tactic EMET uses is Address Space Layout Randomisation (ASLR). This randomises the locations of applications and files in your system memory so an attacker can’t create reliable exploits that need to know where certain files and code is. Some rules can cause applications to not work properly because it automatically blankets them with all available security rules. If something isn’t working right, you can go back to EMET and disable specific security rules until it works again or even disable all rules for particular programs.
Hit the link for more details and a more in-depth guide on how it works.
Quickly Secure Your Computer With Microsoft’s Enhanced Mitigation Experience Toolkit (EMET) [How-To Geek]
Comments