My next class:
Network Monitoring and Threat Detection In-DepthSingaporeNov 18th - Nov 23rd 2024

Important EMET 5.1 Update. Apply before Patches today

Published: 2014-11-11. Last Updated: 2014-11-11 14:43:37 UTC
by Johannes Ullrich (Version: 1)
2 comment(s)

Microsoft yesterday release EMET 5.1 . One particular sentence in Microsoft's blog post suggests that you should apply this update (if you are using EMET) BEFORE you apply the Interent Explorer patch Microsoft is going to release in a couple of hours:

"If you are using Internet Explorer 11, either on Windows 7 or Windows 8.1, and have deployed EMET 5.0, it is particularly important to install EMET 5.1 as compatibility issues were discovered with the November Internet Explorer security update and the EAF+ mitigation."

For full details, and features added in EMET 5.1, see Microsoft's blog post [1]

[1] http://blogs.technet.com/b/srd/archive/2014/11/10/emet-5-1-is-available.aspx

---
Johannes B. Ullrich, Ph.D.
STI|Twitter|LinkedIn

Keywords:
2 comment(s)
My next class:
Network Monitoring and Threat Detection In-DepthSingaporeNov 18th - Nov 23rd 2024

Comments

I had IE crashing with EMET 5.0 before the November updates. The problem was the same EAF+ mitigation as indicated on Technet blog.

After updating to EMET 5.1 the Office 2013 Word can not be started when EAF mitigation is on. EAF+ was already disabled on recommended EMET 5.1 settings (offered by the installation), now I have to disable the EAF mitigation too..

Kind of takes a way the trust for the EMET to do anything usefull.
I would say that it is Office 2013 that needs the update. EMET is running ahead of the curve on being able to keep O-day exploits to a minimum. Unfortunately Office 2013 is running behind the curve.

Diary Archives