• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 75
  • Last Modified:

difference between EMET 4.1. and 5.0

my customer aks me what are the difference between EMET 4.1. and 5.0 and why should he use the latest version? what would be the pro`s?
0
DukewillNukem
Asked:
DukewillNukem
  • 2
  • 2
1 Solution
 
Giovanni HewardCommented:
EMET 5.0 release includes new functionality and updates, such as:
- Attack Surface Reduction (ASR), to limit the attack surface of applications and reduce attacks.
- Export Address Table Filtering Plus (EAF+), to improve and extend the current EAF mitigation.
- 64-bit ROP mitigations, to anticipate future exploitation techniques.
- Several security, compatibility and performance improvements.

Read more @ http://blogs.technet.com/b/srd/archive/2014/07/31/announcing-emet-v5.aspx

I also recommend you look into Invincea @ http://www.invincea.com/how-it-works/containment/
0
 
Rich RumbleSecurity SamuraiCommented:
5 isn't ready yet, especially when it comes to office and IE protections, after you gracefully shutdown IE or an office application, it will restart them. It's probably the last major bug they have to fix.
http://social.technet.microsoft.com/Forums/security/en-US/1e70c72b-67b2-43c4-bd36-a0edd1857875/application-compatibility-issues?forum=emet
You should stick to 4.1 until 5 is more official.
-rich
0
 
DukewillNukemAuthor Commented:
of course 5.0 is ready....
0
 
Rich RumbleSecurity SamuraiCommented:
5 is not ready, it's in tech-preview, you can try it, I think you'll have issues when closing programs, they will re-spawn, but that's the only thing I can find wrong with it currently. It's best to have one of the EMET releases deployed, and 4.1 is where I'd start. There was some work done on bypassing EMET (4.1), and 5.0 addresses that and adds a few features as well. http://labs.bromium.com/2014/02/24/bypassing-emet-4-1/
-rich
0
 
DukewillNukemAuthor Commented:
EMET 5.0 is now out and ready to deploy.ill stick with it.
but what are the pro`s i should prefer 5.0 than 4.1?
0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now