Important EMET 5.1 Update. Apply before Patches today

Published: 2014-11-11. Last Updated: 2014-11-11 14:43:37 UTC
by Johannes Ullrich (Version: 1)

Microsoft yesterday release EMET 5.1 . One particular sentence in Microsoft's blog post suggests that you should apply this update (if you are using EMET) BEFORE you apply the Interent Explorer patch Microsoft is going to release in a couple of hours:

"If you are using Internet Explorer 11, either on Windows 7 or Windows 8.1, and have deployed EMET 5.0, it is particularly important to install EMET 5.1 as compatibility issues were discovered with the November Internet Explorer security update and the EAF+ mitigation."

For full details, and features added in EMET 5.1, see Microsoft's blog post [1]

[1] http://blogs.technet.com/b/srd/archive/2014/11/10/emet-5-1-is-available.aspx

---
Johannes B. Ullrich, Ph.D.
STI|Twitter|LinkedIn

Keywords:

2 comment(s)

Comments

I had IE crashing with EMET 5.0 before the November updates. The problem was the same EAF+ mitigation as indicated on Technet blog.

After updating to EMET 5.1 the Office 2013 Word can not be started when EAF mitigation is on. EAF+ was already disabled on recommended EMET 5.1 settings (offered by the installation), now I have to disable the EAF mitigation too..

Kind of takes a way the trust for the EMET to do anything usefull.

I would say that it is Office 2013 that needs the update. EMET is running ahead of the curve on being able to keep O-day exploits to a minimum. Unfortunately Office 2013 is running behind the curve.

Internet Storm Center

Important EMET 5.1 Update. Apply before Patches today

Comments

Anonymous

Nov 12th 2014
9 years ago

Anonymous

Nov 12th 2014
9 years ago

Important EMET 5.1 Update. Apply before Patches today

Comments

Anonymous

Nov 12th 20149 years ago

Anonymous

Nov 12th 20149 years ago

Nov 12th 2014
9 years ago

Nov 12th 2014
9 years ago