Image: Shutterstock
Microsoft has released a Windows 10-compatible version of its seven-year-old anti zero-day tool but says the product is surplus to requirements for its latest OS and Edge browser.
Since 2009, if Microsoft couldn't patch a software flaw before it came under attack, it would tell enterprise customers to use EMET, the Enhanced Mitigation Experience Toolkit.
It has recommended it many times over the years but a case in point was when FireEye found hackers exploiting a bug affecting all versions of IE[1]. Microsoft didn't have a patch, so it told everyone to use EMET until it released one.
The company this week announced the officially Windows 10-compatible version 5.5 of EMET. However, it launches as a tool that Microsoft believes is now largely redundant, thanks to inbuilt security improvements it has made to Windows 10.
Microsoft is so confident of how it has hardened its Windows 10 Edge browser that it's dropped support for it in EMET 5.5.
"Given the advanced technologies used to protect Microsoft Edge[2], including industry-leading sandboxing, compiler, and memory-management techniques, EMET 5.5 mitigations do not apply to Edge," Microsoft's EMET team said[3].
Microsoft is just as confident that Windows 10 devices won't need EMET.
"We have implemented many features and mitigations that can make EMET unnecessary on devices running Windows 10," it said.
Microsoft points out that Windows 10 has several security features that are actually superior to those offered by EMET. That's quite an achievement, given EMET's role as a fallback when standard security procedures, namely patching or a hotfix, aren't available.
Among these Windows 10 features that are superior to those provided by EMET include Device Guard, its hardware-based zero-day protection that locks down a device to trusted applications once it's been configured.
The other two are Control Flow Guard, a tool for secure software coding in Visual Studio 2015, and AppLocker, which prevents unwanted applications from executing on a company's network.
Still, EMET 5.5 does include a number of feature updates that are applicable to both Windows 10 and older operating systems, including Windows 7, Windows 8.1, Windows Server 2008, Windows Server 2012, Windows Server 2012 R2, and Windows Vista.
Given that Microsoft's enterprise customers are slower than consumers to upgrade desktop platforms, EMET remains an essential tool for the moment and extends some of Windows 10's baked-in security features.
"EMET is most useful to help protect down-level systems, legacy applications, and to provide Control Flow Guard (CFG) protection for third-party software that may not yet be recompiled using CFG," the company noted.
References
- ^ when FireEye found hackers exploiting a bug affecting all versions of IE (krebsonsecurity.com)
- ^ Microsoft Edge (blogs.windows.com)
- ^ Microsoft's EMET team said (blogs.technet.com)