SECURITY CONSCIOUS USERS will be given a helping hand by using a toolkit from that fortress of highly secure software, Microsoft.
The Vole has updated its Enhanced Mitigation Experience Toolkit (EMET), a piece of software that aims to plug potential security holes in third party software. This second version of the Microsoft toolkit provides two mitigation techniques that should help harried Windows systems administrators try to contain things when applications go awry.
Export address table access filtering and mandatory address space layout randomization are fairly standard security techniques and combine with others in the previous EMET release that included technologies such as dynamic data execution prevention. EMET is supposed to be particularly useful for those legacy programs that cannot be recompiled to make use of Microsoft's latest security hacks, er, techniques.
Microsoft's decision to provide a security wrapper for applications is a pretty damning indictment of the attention Windows applications developers pay to security. It's clear that software such as EMET is not the best way to implement security, however Microsoft should be given some credit for at least trying to tackle shoddy coding practices that expose the vulnerabilities in its hairball operating systems.
Some might argue that Microsoft's iffy design choices in Windows do little to mitigate security problems. That may indeed be so, but the fact remains, given Microsoft's less than stellar track record on the matter, it's hardly a glowing endorsement to say that an application has been secured using Microsoft's technology.
Nevertheless, EMET does offer those applications that are no longer officially being maintained the ability to gain the benefits of some of Microsoft's more recent attempts at security measures. µ
Sweet streams are made of these
'5Guarantee' all but guarantees a 5G iPhone
Firm Kracks down on WiFi flaw
Razring the stakes