HomeWinBuzzer NewsMicrosoft Security Tool EMET Hacked By EMET

Microsoft Security Tool EMET Hacked By EMET

-

A hacking team has used 's EMET security tool to turn the crosshairs on … well, EMET. This means Redmond's own software has been used to shoot itself in the foot.

While testing for loopholes, security company FireEye found a way to disable the Microsoft's Enhanced Mitigation Experience Toolkit, and the team achieved it by only using EMET.

Microsoft EMET is designed to locate and trap malicious behavior by placing anti-malware protocols into applications.
Abdulellah Alsaheel and Raghav Pande of FireEye turned the toolkit 180 degrees on itself to target EMET code that turns off the EMET feature.

If a hacker was to follow the code application, it would be possible to shut down the toolkit from within the service, meaning apps would not be protected.

The code systematically disables EMET's protections and returns the program to its previously unprotected state,” the pair says.

One simply needs to locate and call this function to completely disable EMET. Jumping to this function results in subsequent calls, which remove EMET's installed hooks.”

The exploit only affects 5.0, 5.1, and 5.2 of the Enhanced Mitigation Experience Toolkit, so those using are fine. Microsoft's latest platform has EMET baked in directly to apps and the latest version 5.5, released on February 2nd, fixes the breach.

Of course, if you have missed that update it is worth heading to Microsoft's download page and pulling in the patch immediately.

SOURCE: FireEye

Luke Jones
Luke Jones
Luke has been writing about all things tech for more than five years. He is following Microsoft closely to bring you the latest news about Windows, Office, Azure, Skype, HoloLens and all the rest of their products.

Recent News