Plugins Restricted by Microsoft’s EMET

Microsoft has finally launched a security tool which has the purpose to stop exploits. This tool gives administrators the possibility to identify the moment when third-party plugins are released, which have always been a route preferred by hackers worldwide.

The famous computing company has spent a lot of time and energy in improving EMET (Enhanced Mitigation Experience Toolkit). This is a free tool that can be used in order to strengthen the security of various applications which have not been produced by Microsoft. It functions by making use of the defenses built up inside Windows. These defenses are called Address Space Layout Randomization (often abbreviated as ASLR) and DEP (Data Execution Prevention).

The 5.0 iteration has a feature named “Attack Surface Reduction”. This can stop some of the plugins and modules belonging to an application than may be abused.

Chris Betz, the senior director of the Security Response Center belonging to Microsoft, said that Microsoft World can be stopped from uploading a plugin of the Adobe Flash Player type. Moreover, it can permit the Java plugins to function on site belonging to the intranet.

More and more hackers are showing a preference towards third-party software because it has become increasingly difficult in discovering vulnerabilities in the operating system created by Windows. The most targeted are the applications belonging to Java and Adobe Systems.

The Enhanced Mitigation Experience Toolkit has been created in order to stop the Adobe Flash plugins that can be uploaded via PowerPoint, Excel or Word. Chris Betz said that an important improvement brought to EMET refers to the digital certificates, which have the purpose to make more secure the Secure Socket Layer connection. The blocking mode with which EMET is equipped is capable of informing Internet Explorer of the presence of an untrusted certificate. This leads to the halt of the SSL connection.

The computing company has managed to improve and make EMET stronger after managing to bypass the mitigations of its 4.0 version. Researchers working for Bromium, a company specialized in creating security technologies functioning on micro-virtualization, discovered that several hackers were able to pass all the EMET security measures.

Microsoft worked hard in order to strengthen EMET against various bypass techniques. These might occur when a memory corruption within an application secured by means of EMET is abused in order to overwrite selected memory zones as well as to corrupt data which belong to EMET.