EMET 4.0 now available for download

We are pleased to announce that the final release of version 4.0 of the Enhanced Mitigation Experience Toolkit, best known as EMET, is now finally available for download. You can download it from Download Enhanced Mitigation Experience Toolkit 4.0 from Official Microsoft Download Center.

We already mentioned some of the new features introduced in EMET 4: Certificate Trust, mitigations improvement hardening, and the Early Warning Program. During our beta period we added new features and solved application compatibility issues that have been reported both externally and internally. Below is a summary of the changes and enhancements:

Redesigned User Interface: We realized that with the addition of the new features introduced in EMET 4.0 Beta, the old graphical user interface was not as effective and easy to use. For this reason, we decided to re-design EMET’s GUI to facilitate and streamline the configuration operations. We also added the possibility to select the look-and-feel of EMET from a set of skins that we included. Finally, the new user interface is accessible and will change automatically according to your system settings:




Configuration Wizard: We know that configuration can be challenging when installing EMET for the first time. In EMET 3.0 we added the Protection Profiles, which were used to facilitate the initial configuration for applications. With EMET 4.0 we are introducing a Configuration Wizard that will automatically configure EMET with a standard set of SSL certificate pinning rules as well as a list of applications to protect. It also can preserve existing EMET 3.0 settings, and gives the possibility to add standard configuration for the new features. The Configuration Wizard will start automatically during EMET’s installation and can also be accessed, at any time, from EMET GUI. Advanced users can choose to apply a standard configuration through the Configuration Wizard and then customize EMET’s configuration afterwards according to their needs.

Changes in Certificate Trust: We made a few changes to the Certificate Trust feature, based on users’ feedback, further internal investigation, and partnership with third party online services. We added a new exception to the SSL certificate pinning rules that if enabled will make EMET verify just the Public Key component of the Root CAs present in the rule without matching subject name and serial number. Additionally, we made the Certificate Trust feature available on 64-bit versions of Internet Explorer. Finally, we added to the previous default rules for Microsoft online services new rules also for Twitter, Facebook, and Yahoo!.

Updated Group Policy profiles: Enterprise customers will notice that we updated our Group Policy profiles to include not only the ability to configure system and application mitigations, but also the reporting mechanisms, the advanced mitigation configurations, and the exploit action.

If you have EMET 4.0 Beta or EMET 3.5 Technical Preview installed on the system, you will need to uninstall them before installing EMET 4.0, and you will need to remove EMET’s configuration from the registry, by deleting the registry hives HKLM\Software\Microsoft\EMET and, if existing, HKLM\Software\Policies\Microsoft\EMET. If you have EMET 3.0 installed on the system, you don’t need to uninstall it before installing EMET 4.0. The previous version will be uninstalled and at the end of the installation you’ll have the opportunity to migrate the existing settings or to reset EMET configuration with the new default settings.

We want to thank those of you that downloaded EMET 4.0 Beta in the past two months and that provided valuable feedback that greatly helped us finalize EMET 4.0. In particular, we want to thank the Yang Yu from NSFocus security team that reported a technique that allowed to bypass EMET’s protections, and Adam Langley and Cem Paya from Google for feedback on the Certificate Trust feature. As said, we received many, many emails, and it would be impossible to name all the people that provided feedback for EMET 4.0 Beta. You know who you are, and we really appreciated your effort in testing EMET and reaching out to us to provide feedback. Again, thank you!

We truly hope that you enjoy all the new features that we introduced in EMET 4.0. We will continue working on improving EMET to provide better and better protections against internet attacks for customers and to make it even more user friendly and easy to use.
Click to expand...

Read more at source: EMET 4.0 now available for download - Security Research & Defense - Site Home - TechNet Blogs


See also: Enhanced Mitigation Experience Toolkit (EMET) - Windows 7 Help Forums
 
Click to expand...
Enhanced - MITIGATION? You mean, I need to tool to show unMITIGATED Gall now? :)
 

My Computer

System One

  • OS
    Windows 8 Pro with Media Center/Windows 7
    Computer type
    PC/Desktop
    System Manufacturer/Model
    Asus M2N-MX SE Plus § DualCore AMD Athlon 64 X2, 2300 MHz (11.5 x 200) 4400+ § Corsair Value Select
    CPU
    AMD 4400+/4200+
    Motherboard
    Asus M2N-MX SE Plus/Asus A8M2N-LA (NodusM)
    Memory
    2 GB/3GB
    Graphics Card(s)
    GeForce 8400 GS/GeForce 210
    Sound Card
    nVIDIA GT218 - High Definition Audio Controller
    Monitor(s) Displays
    Hitachi 40" LCD HDTV
    Screen Resolution
    "1842 x 1036"
    Hard Drives
    WDC WD50 00AAKS-007AA SCSI Disk Device
    ST1000DL 002-9TT153 SCSI Disk Device
    WDC WD3200AAJB-00J3A0 ATA Device
    WDC WD32 WD-WCAPZ2942630 USB Device
    WD My Book 1140 USB Device
    PSU
    Works 550w
    Case
    MSI "M-Box"
    Cooling
    Water Cooled
    Keyboard
    Dell Keyboard
    Mouse
    Microsoft Intellimouse
    Internet Speed
    Cable Medium Speed
    Browser
    Chrome/IE 10
    Antivirus
    Eset NOD32 6.x/Win Defend
    Other Info
    Recently lost my Windows 8 on my main PC, had to go back to Windows 7.
You must log in or register to reply here.
Back
Top