Tip:
Highlight text to annotate it
X
[music]
ANNOUNCER>>> Microsoft's Enhanced Mitigation Experience Toolkit, or EMET, protects systems
even before new and undiscovered threats are formally addressed by security updates and
anti-malware software.
Let's take a look at two of the new mitigations.
Attack Surface Reduction; ASR. Here's an example of how it works.
We're going to a few websites to verify that Java, Flash, and Windows Media Player plug-ins
are working, to show how the attack surface reduction mitigation works.
Now we enable the ASR security mitigation. We add IEexplore.exe to the application configuration
list, and verify that the ASR security mitigation is configured for the IEexplore.exe process.
Once we restart the browser, and navigate to the previous test websites, we see that
the plug-ins for Java, Flash, and Windows Media Player are now blocked.
When we add the websites to the list of trusted sites within Internet Explorer, you can now
see that EMET allows the sites to work.
By limiting the number of plug-ins and modules that an application can load, ASR reduces
that application's exposure to attacks.
With EAF+, we've added refinements that include additional integrity checks, and prevent memory
read operations when they originate from suspicious code.
The new EAF+ helps detect and block current techniques used to reliably execute malicious
code when a vulnerability is exploited.
For more information about EMET, and these mitigations, we encourage you to visit Microsoft.com/EMET.