Wednesday, October 20, 2010

EMET from Microsoft

Busy day for Posting: Another thing I have come across is the EMET tool from Microsoft. It basically wraps security around other programs and runs on Windows XP SP3 and later. It does solve the security problems in these programs, but provides protection until a patch can be applied. For example, (not picking on Adobe), but if a malicous pdf is run inside Adobe Reader, EMET will step in and crash Reader to prevent the bad codes from running, thus protecting the system from infection.

So far I have tested it with firefox, Internet Explorer, java and Adobe reader. Also I have wrapped the svchost program which connects the system to the Internet. In addition, I have wrapped lssas which is the local security authentication server. I know the best method is to always know the source of the files you download and scan them with an Antivirus tool; but any extra protection is always welcome.

No comments:

Post a Comment