Hacker News new | past | comments | ask | show | jobs | submit login

down for me.

cache: https://webcache.googleusercontent.com/search?q=cache:e1CDpJ...

not sure when it was original posted, as its noted there is an update today Nov 21st 2016, and that is the same date of the article.

basically, Windows 10 doesnt use EMET, and MS claims its because Windows 10 has other mitigation techniques making it more secure. however, as per the article, there are many mitigation steps not included, and many require application to be compiled specifically for EMET replacement mechanisms.

the update to the article today is Windows 10 support more than previously in latest release, however still doesn't support everything EMET provides.




Microsoft is discontinuing EMET next year.

This is a pity, as it allows Windows 7 and 8 users to protect apps against all sorts of exploits.

Perhaps MS wants to up the pressure to upgrade to Windows 10?


EMET is a complex service that requires a small dedicated team to functionally operate at organizations of any size. Its simply too hard of a sell to all but the most security-focused enterprises, and the resources that go into it would be better utilized on regular systems security.


I can tell you that the US Military uses EMET so resources are certainly not a problem.


I've heard that the roll out was incredibly painful, as evidenced by the repeated change of the STIG controls from required to optional and back.


Isn't the US Military one of the best-funded organizations in the planet, though?


I think their belief is that some of their new security features will cover the gap. https://www.microsoft.com/en-ca/WindowsForBusiness/Windows-A...

I know they partnered with Bromium to help create this. https://blogbromium.files.wordpress.com/2016/09/bromium-micr...

So essentially they replaced it with a microvisor, its pretty neat really. I haven't personally played with it yet, but I am curious how they deal with user/application data. Bromiums offering was very limited in many ways (mainly the applications that are supported) but it is amazing. You basically can open up a browser, grab a virus, shutdown the browser. And you are done! Once you launch it again it will be a clean application, on a fresh microvisor.


MS have listened and pushed back EOL to mid 2018. Looks like they are still trying to encourage upgrades to Win 10 though.

From https://support.microsoft.com/en-us/kb/2458544:

> The Enhanced Mitigation Experience Toolkit

> We have listened to customers' feedback regarding the January 27, 2017 end of life date for EMET and we are pleased to announce that the end of life date is being extended 18 months. The new end of life date is July 31, 2018. There are no plans to offer support or security patching for EMET after July 31, 2018. For improved security, we recommend that customers migrate to the latest version of Windows 10.


The release notes for EMET 5.5 state that it supports Windows 10. Weird...

https://www.microsoft.com/en-us/download/details.aspx?id=507...


> basically, Windows 10 doesnt use EMET

You can still use EMET on Windows 10 though. I believe the main takeaway from the article should be that they're discontinuing it.

You can get almost all of the EMET provided mitigations except for EAF and the ROP protections from a vanilla Windows 10 install (see my top level comment[1]). There's also the cert pinning but currently that's only useful for IE.

[1] https://news.ycombinator.com/item?id=13011211




Consider applying for YC's Spring batch! Applications are open till Feb 11.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: