News

Microsoft updates free mitigation tool for enterprises

Warwick Ashford

Software mitigation techniques are an important element of layered security for enterprises, says Jonathan Ness, security development manager at Microsoft.

Enterprises can use software mitigations to harden the operating system (OS) and applications by making it more difficult for software vulnerability exploits to execute successfully, Ness said.

While some software mitigations, such as Data Execution Prevention (DEP) and Address Space Layout Randomisation (ASLR) are built into Microsoft's Windows OS, enterprises can enable additional mitigations using Microsoft's free enhanced mitigation experience toolkit (Emet).

Emet, first released for public use in September 2010, gives enterprises the means to protect against unknown vulnerabilities and brings newer security protections to older platforms and applications, both Microsoft and non-Microsoft.

The utility, which provides mitigations such as dynamic DEP and mandatory ASLR, must be configured for each application, but may not be compatible with all non-Microsoft applications.

Microsoft has tried to make the latest version of Emet easier for enterprises to deploy, monitor and configure, said Ness.

Enterprises can now control Emet through Windows Group Policy and deploy and configure Emet through Microsoft's System Center Configuration Manager.

For monitoring, version 3.0 provides user notifications of Emet activity and logging to Windows Event Log of Emet actions.

For the first time, Emet allows the use of wildcards and includes default protection profiles. These are XML files that contain pre-configured Emet settings for common Microsoft and third-party applications.


Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
 

COMMENTS powered by Disqus  //  Commenting policy