difference between EMET 4.1. and 5.0

my customer aks me what are the difference between EMET 4.1. and 5.0 and why should he use the latest version? what would be the pro`s?
DukewillNukemAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Giovanni HewardCommented:
EMET 5.0 release includes new functionality and updates, such as:
- Attack Surface Reduction (ASR), to limit the attack surface of applications and reduce attacks.
- Export Address Table Filtering Plus (EAF+), to improve and extend the current EAF mitigation.
- 64-bit ROP mitigations, to anticipate future exploitation techniques.
- Several security, compatibility and performance improvements.

Read more @ http://blogs.technet.com/b/srd/archive/2014/07/31/announcing-emet-v5.aspx

I also recommend you look into Invincea @ http://www.invincea.com/how-it-works/containment/
0
Rich RumbleSecurity SamuraiCommented:
5 isn't ready yet, especially when it comes to office and IE protections, after you gracefully shutdown IE or an office application, it will restart them. It's probably the last major bug they have to fix.
http://social.technet.microsoft.com/Forums/security/en-US/1e70c72b-67b2-43c4-bd36-a0edd1857875/application-compatibility-issues?forum=emet
You should stick to 4.1 until 5 is more official.
-rich
0
DukewillNukemAuthor Commented:
of course 5.0 is ready....
0
Rich RumbleSecurity SamuraiCommented:
5 is not ready, it's in tech-preview, you can try it, I think you'll have issues when closing programs, they will re-spawn, but that's the only thing I can find wrong with it currently. It's best to have one of the EMET releases deployed, and 4.1 is where I'd start. There was some work done on bypassing EMET (4.1), and 5.0 addresses that and adds a few features as well. http://labs.bromium.com/2014/02/24/bypassing-emet-4-1/
-rich
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
DukewillNukemAuthor Commented:
EMET 5.0 is now out and ready to deploy.ill stick with it.
but what are the pro`s i should prefer 5.0 than 4.1?
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Vulnerabilities

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.