Microsoft Enhanced Mitigation Experience Toolkit (EMET)

Microsoft's Enhanced Mitigation Experience Toolkit (EMET) is a free Windows-based security tool that adds supplemental security defenses to defend potentially vulnerable legacy and third-party applications.

EMET works with all currently supported Windows operating systems. Microsoft particularly recommends that enterprises use it to protect applications running on Windows XP, as the operating system lacks the security controls build into newer versions of Windows.

EMET uses 12 specific mitigation techniques that seek to prevent exploits related to memory corruption, making it harder for attackers to find and exploit vulnerabilities, including:

  • Data execution prevention -- a security feature that helps prevents code in system memory from being used incorrectly
  • Mandatory address space layout randomization -- a technology that makes it difficult for exploits to find specific addresses in a system's memory
  • Structured exception handler overwrite protection -- a mitigation that blocks exploits that attempt to exploit stack overflows  
  • Export address table access filtering -- a technology that blocks an exploit's ability to find the location of a function
  • Anti-Return Oriented Programming -- a mitigation technique that prevents hackers from bypassing DEP
  • SSL/TLS certificate trust pinning -- a feature that helps detect man-in-the-middle attacks leveraging the public key infrastructure

EMET version 4.0 was released in June 2013.

This was last updated in March 2014

Continue Reading About Microsoft Enhanced Mitigation Experience Toolkit (EMET)

Dig Deeper on Application and platform security