Anyone ever use the Microsoft tool EMET ("Enhanced Mitigation Experience Toolkit")? I haven't tried it but it sounds very interesting in that it can protect in vulnerabilities regardless of who made a software. Possibly would be good for old software that's abandoned and vulnerable.
No, have not used it, but did download it. It sounds really good.
This sounds interesting.
http://www.rationallyparanoid.com/articles/microsoft-emet-3.html
I've been using it for a few hours at the moment, so far everything is good. That article you linked to was also helpful in me deciding to give it a try. The RAM usage is about 14-27 MB on WinXP, however I don't even notice any performance hits from the EMET Notifier running. Will need to play with it much longer to know if it's a keeper or not.
Makes me wonder why they don't somehow merge it into something like Microsoft Security Essentials, think how good that antivirus would be then.
-----------
Edit:
Ok Firefox isn't exactly working so smooth with it being protected by EMET at the moment, well actually I noticed it a few minutes ago too before I rebooted. I'll have to remove the Firefox protection it seems because it's acting too jerky, and typing this in is acting very weird and slow too.
I use it on a Windows 7 laptop and I haven't noticed anything functioning differently. If I remember correctly, the ALSR and SEHOP technologies do not work in Windows XP so it may be of limited use on an XP machine.
I know about the limitations with WinXP. For the heck of it I added in a bunch of programs that can update via the Internet and it stopped SpywareBlaster because of EAF, which was impressive seeing it block something. I however only had four programs that can access the Internet which weren't going to work with EMET.
And my Firefox issue was just something not even related to EMET.
I did look into using EMET Andavari at one point. However as I use HIPS as part of my layered defense (host intrusion prevention system) which I use to decide what my internet facing apps are allowed to do, I decided against it.
It is still is a very interesting concept and one which works as a system hardening tool and is one of Microsofts good ideas. Used as a layered approach it's a good tool indeed.
It's a good tool, however I do wish they could simulate the running of programs you add into it to know if they'll work, not work, or worse blue screen your computer.
A bit of an old thread I know but there is a new good how-to here for anyone wanting to know more about this, and more importantly it has screenshots and clear info.
I've wondered why it has never been incorporated right into the OS.
It's been around for long enough and seen a few Windows versions come and go that it should have been.
Thanks, Hazelnut. Very informative.