Attackers can turn Microsoft's exploit defense tool EMET against itself

Exploits can trigger a specific function in EMET that disables all protections it enforces for other applications.

By Lucian Constantin

Hackers can easily disable the Microsoft Enhanced Mitigation Experience Toolkit (EMET), a free tool used by companies to strengthen their Windows computers and applications against publicly known and unknown software exploits.

Researchers from security vendor FireEye have found a method through which exploits can unload EMET-enforced protections by leveraging a legitimate function in the tool itself.

To read the entire article, please click here.

Source: http://www.csoonline.com/

Facebooktwittergoogle_plusredditlinkedinmail