Black Hat 2010: Microsoft releases free security tool for older platforms

Microsoft has released a free tool to bring newer security protections to older platforms and applications.

Microsoft has released a free tool to bring newer security protections to older platforms and applications.

The enhanced mitigation experience tookit (EMET) was announced at the BlackHat USA 2010 security conference in Las Vegas.

EMET will be available from August and is designed to help block targeted attacks against unpatched vulnerabilities in platforms such as Windows XP and Windows Server 2003.

EMET is aimed at IT professionals to enable them to build in updated protections into applications and processes without recoding or recompiling, said Dave Forstrom, director, Trustworthy Computing at Microsoft.

The firm also used the conference to release a paper by Microsoft Vulnerability Research (MSVR) and a report on building a safer, more trusted internet through information sharing.

The MSVR was set up to share the lessons Microsoft has learned about building secure software and responding to vulnerabilities in third-party applications.

The paper gives a detailed account of how the MSVR has improved the overall security in Microsoft and third-party products.

In 2008, 13% of vulnerabilities reported to third-party organisations were resolved, but that was up to 45% in 2009, said Forstrom.

The report on building a safer internet outlines the activities and evolution of the Microsoft active protections programme MAPP, MSVR and the Microsoft Exploitability Index.

Microsoft launched the three community-based defence programmes at the BlackHat conference in August 2008 to share more security information with partners and customers.

According to the report, MAPP has reduced the risk of attack in some cases by more than 75%, the exploitability index has helped reduce risk by helping system administrators to prioritise security updates, and the MSVR programme has identified 35 different vulnerabilities affecting 19 suppliers.

Read more on Antivirus, firewall and IDS products