EMET | Microsoft Security Response Center

New Internet Explorer vulnerability affecting all versions of IE

Wednesday, December 22, 2010

Today we released Security Advisory 2488013 to notify customers of a new publicly-disclosed vulnerability in Internet Explorer (IE). This vulnerability affects all versions of IE. Exploiting this vulnerability could lead to unauthorized remote code execution inside the iexplore.exe process. Proof-of-concept exploit bypasses ASLR and DEP The Metasploit project recently published an exploit for this vulnerability using a known technique to evade ASLR (Address Space Layout Randomization) and bypass DEP (Data Execution Prevention).

On the effectiveness of DEP and ASLR

Wednesday, December 08, 2010

DEP (Data Execution Prevention) and ASLR (Address Space Layout Randomization) have proven themselves to be important and effective countermeasures against the types of exploits that we see in the wild today. Of course, any useful mitigation technology will attract scrutiny, and over the past year there has been an increasing amount of research and discussion on the subject of bypassing DEP and ASLR [1,2].

Updated EMET Version 2.0.0.3 Released

Wednesday, November 17, 2010

It’s recently come to our attention that some Enhanced Mitigation Experience Toolkit (EMET) v2.0 users may have potential issues with the update functionality of specific applications from Adobe and Google. As a result, today we released a new version of EMET that will help ensure these updaters work as expected when EMET is in place for added protection.

EMET

DEP, EMET protect against attacks on the latest Internet Explorer vulnerability

Wednesday, November 03, 2010

Today we released Security Advisory 2458511notifying customers of limited attacks leveraging an Internet Explorer vulnerability. The beta version of Internet Explorer 9 is not affected while Internet Explorer 6, 7, and 8 are affected. So far the attacks we have seen only target Internet Explorer versions 6 and 7 on Windows XP.

Internet Explorer の新たな脆弱性を調査中。セキュリティアドバイザリ 2458511 を公開。

Wednesday, November 03, 2010

こんにちは。セキュリティレスポンスチームです。日本時間の今朝、Internet Explorer の脆弱性に関するセキ

Use EMET 2.0 to block Adobe Reader and Acrobat 0-day exploit

Friday, September 10, 2010

Background on the exploit As you probably know there is a new exploit in the wild for Adobe Reader and Acrobat. This particular exploit is using the Return Oriented Programming (ROP) exploit technique in order to bypass Data Execution Prevention (DEP). Normally Address Space Layout Randomization (ASLR) would help prevent successful exploitation.

The Enhanced Mitigation Experience Toolkit 2.0 is Now Available

Thursday, September 02, 2010

Today we are pleased to announce the availability of the Enhanced Mitigation Experience Toolkit (EMET) version 2.0. Users can click here to download the tool free of charge. For those who may be unfamiliar with the tool, EMET provides users with the ability to deploy security mitigation technologies to arbitrary applications.

Announcing the upcoming release of EMET v2

Wednesday, July 28, 2010

** UPDATE: Version 2.0 of EMET is now available. Click here to read more about it. * What is EMET? In October 2009, we released a tool on this blog called EMET that provides users with the ability to deploy security mitigation technologies to arbitrary applications. Doing so helps to prevent vulnerabilities in those applications (especially line of business and 3rd party apps) from successfully being exploited.