EMET Exploit FireEye

Microsoft has apparently listened to feedback from its customers regarding the previously set date of January 27, 2017. There are no plans to offer support or security patching for EMET after the extended end of life date.

EMET is a tool that helps prevent exploiting vulnerabilities in software, acting as a second layer of security beyond a common antivirus program. Through its use of security mitigation technologies, it forms different kinds of protections and blocks for difficult exploitation.

Still, these security mitigation technologies are the main reason why Microsoft originally terminated the service. There is no guarantee that vulnerabilities will not be exploited, only that it will be more difficult to succeed.

Serious limitations

Microsoft has acknowledged this in a TechNet blog post, saying EMET “has serious limits”, mostly for not being an integrated part of the operating system. It impacts performance and reliability of the system by potentially slowing it down during an application or an OS update.

Additionally, its effectiveness against modern exploit kits has decreased over time. As it hasn’t evolved in the same manner as the OS did, EMET lags behind in comparison to the security features of Windows 10.

In June, Security researcher/expert FireEye revealed that hackers are capable of bypassing Microsoft´s security tool with large-scale attacks, using the popular Angler exploit kit.

However, EMET has been an important element in improving the security of the OS ever since its release in 2009. Microsoft states it has led to many security innovations in Windows 7, 8, 8.1, as well as in Windows 10.

One of those security innovations is directly incorporating EMET’s security features into Windows 10. All of its mitigation features such as DEP, ASLR, and Control Flow Guard (CFG) are included in Windows 10, together with some new ones.

Microsoft is recommending its users to move to Windows 10 as their most secure operating system to date.