Money will buy a fine dog, but only kindness will make him wag his tail
|
|
|
Black Hat: Microsoft releases free security tools to the community
UNPATCHED MICROSOFT APPLICATIONS, which can't be many, can now be dealt with using a tool for IT administrators developed by the dominant consumer PC software company.
Dubbed the Enhanced Mitigation Experience Toolkit (EMET), the application is designed to address the shift by attackers from targeting operating systems to focusing on applications.
"When you see a trend of that shift from the operating system layer to the application layer it's a strong testament to hardening the operating system," Dave Forstrom, director of Microsoft trustworthy computing told The INQUIRER at Black Hat 2010.
"The purpose of EMET is you take the most current security mitigations and make them available for older applications. If people are using still older browsers for example, they won't have some mitigations on by default."
The tool has been designed with a simple GUI to make it as easy as possible to use. It records no data for privacy and can be very helpful in preventing problems developing he said.
Overall the reaction from the industry has been positive he said, and the researcher community was now seeing Microsoft as a help not a hindrance. µ
Share this:
Share
Thanks for not telling what it really does, very useful article - if you are
into not knowing what's going on that is.
And incidentally is there any documentation or verification outside MS that there is a shift away form the OS vulnerabilities? Or do we just have to believe? hallelujah
Your statement "UNPATCHED MICROSOFT APPLICATIONS, which can't be many,"
Seems to be a bit of journalist legerdemain.
All of 'microsoft's applications' have been 'patched' innumerable times....
That makes it sound like they have been fixed...
Nothing could be further from writing like it is...
It is not a question of have they been patched...
It is a question of have they been FIXED...
You can patch an old tire tube dozens of times with bubble gum. It still needs to be fixed, replaced, or, better yet, replaced with tubeless so the tube isn't the problem (like replacing Windows, so you don't have the problems, might be implied... but... had that been an option, you would have said 'fixed' instead')
I seem to recall hearing about a thing called 'Buffer Overflow...' Been getting patched for over 20 years.. hundreds (literally) of times...
Seems to pop up about once a month, or so, still...
There are applications that have stayed unfixed and unpatched for years, and the blackhats use the weaknesses for years, until someone squeals in open media (Microsoft knew of the problem, but no one in 'media' did). Then they have time for a 'patch' or a 'work around' (Usually disabling Java Script) to be put up until it is 'fixed' or everyone forgets about it until the next time... and there will be a next time, which the jurno/techno/presto/chango crowd will act as if it was a new problem...
As in... Have you ever heard of 'buffer overflow'?????