Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: Important EMET 5.1 Update. Apply before Patches today - Internet Security | DShield SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Important EMET 5.1 Update. Apply before Patches today

Microsoft yesterday release EMET 5.1 . One particular sentence in Microsoft's blog post suggests that you should apply this update (if you are using EMET) BEFORE you apply the Interent Explorer patch Microsoft is going to release in a couple of hours:

"If you are using Internet Explorer 11, either on Windows 7 or Windows 8.1, and have deployed EMET 5.0, it is particularly important to install EMET 5.1 as compatibility issues were discovered with the November Internet Explorer security update and the EAF+ mitigation."

For full details, and features added in EMET 5.1, see Microsoft's blog post [1]

[1] http://blogs.technet.com/b/srd/archive/2014/11/10/emet-5-1-is-available.aspx

---
Johannes B. Ullrich, Ph.D.
STI|Twitter|LinkedIn

I will be teaching next: Defending Web Applications Security Essentials - SANS Munich July 2019

Johannes

3537 Posts
ISC Handler
I had IE crashing with EMET 5.0 before the November updates. The problem was the same EAF+ mitigation as indicated on Technet blog.

After updating to EMET 5.1 the Office 2013 Word can not be started when EAF mitigation is on. EAF+ was already disabled on recommended EMET 5.1 settings (offered by the installation), now I have to disable the EAF mitigation too..

Kind of takes a way the trust for the EMET to do anything usefull.
Paul

13 Posts
I would say that it is Office 2013 that needs the update. EMET is running ahead of the curve on being able to keep O-day exploits to a minimum. Unfortunately Office 2013 is running behind the curve.
ed

5 Posts

Sign Up for Free or Log In to start participating in the conversation!