Wednesday, May 08, 2013
Three weeks ago, we released a beta version of EMET 4.0 to get feedback on the new EMET features and to get more real-world testing before the official release. We have been amazed and so grateful for the thousands of downloads and hundreds of emails with feature suggestions, bug reports, questions about the new features, and kind words cheering us on.
Wednesday, May 08, 2013
Today, we are making available a “Microsoft Fix it” solution to block attacks leveraging the Internet Explorer 8 (IE8) vulnerability described in Security Advisory 2847140. This code-signed, easily downloadable and install-able Fix it package uses the Windows application compatibility toolkit to make a small change at runtime to mshtml.dll every time IE is loaded.
Sunday, April 21, 2013
本記事は、Security Research & Defense のブログ “Introducing EMET v4 Beta” (2013 年 4 月 18 日公開) を翻
Thursday, April 18, 2013
Great news! Today we are proud to announce a beta release of the next version of the Enhanced Mitigation Experience Toolkit (EMET) – EMET 4.0. Download it here: http://www.microsoft.com/en-us/download/details.aspx?id=38761 EMET is a free utility that helps prevent memory corruption vulnerabilities in software from being successfully exploited for code execution. It does so by opt-ing in software to the latest security mitigation techniques.
Tuesday, February 12, 2013
We are pleased to announce that as of today customers with access to Microsoft Services Premier and Professional Support can receive EMET related technical assistance. This is an important step for us to better support professional and enterprise customers and answer questions related to EMET deployment, configuration, and troubleshooting. The support will be fee based.
Saturday, December 29, 2012
Today, the MSRC released Security Advisory 2794220 alerting customers to limited, targeted attacks affecting customers using Internet Explorer 6, 7, and 8. Internet Explorer 9 and Internet Explorer 10 users are safe. More information about the vulnerability and exploit In this particular vulnerability, IE attempts to reference and use an object that had previously been freed.
Wednesday, September 19, 2012
Today, we revised Security Advisory 2757760 with two new pieces of information: A Fix It solution is available to address the vulnerability via an app-compat shim The comprehensive security update will be released out-of-band on Friday. In this blog post, we’d like to explain more about the vulnerability and explain how the Fix It solution addresses the issue.
Tuesday, August 14, 2012
Today we released MS12-060, addressing a potential remote code execution vulnerability in MSCOMCTL.OCX, the binary included with a number of Microsoft products to provide a set of common ActiveX controls. Limited, targeted attacks exploiting CVE-2012-1856 MS12-060 is on the list of high priority updates for this month for two reasons: we are aware of very limited, targeted attacks taking advantage of CVE-2012-1856 and we expect to see new attacks taking advantage of this vulnerability in days ahead.
Friday, July 27, 2012
2012 年 7 月 25 日 (米国時間)、Enhanced Mitigation Experience Toolkit (EMET) v3.5 Tech Preview 版が利用可能となりました。この Tech Preview 版は名前の
Tuesday, July 24, 2012
Last year at Black Hat Las Vegas, we announced the BlueHat Prize contest – a large cash prize awarded for defensive security research. One month ago, we announced the names of three finalists. On Thursday night shortly after 10 PM, at the Microsoft Researcher Appreciation Party, we will unveil which finalist won which prize – the grand prize of $200,000 USD, the second prize of $50,000 USD, and the third prize of an MSDN subscription, valued at $10,000 USD.
