emet crashing IE 10

Hello we just updated our users to IE 10 and Emet crashes IE

EMET detected Caller mitigation and will close the application: IEXPLORE.EXE

Caller check failed:
  Application       : C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
  User Name       :
  Session ID       : 1
  PID             : 0xD40 (3392)
  TID             : 0x3F0 (1008)
  API Name       : ntdll.NtAllocateVirtualMemory
  ReturnAddress       : 0x6838F5E8
  CalledAddress       : 0x77CDFAC0
  StackPtr       : 0x0293F120

 The odd thing this started on all the computers after a few hours of use. Has anyone ever seen this ?
LVL 9
Steelers4lifeAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

btanExec ConsultantCommented:
Do check out the forum to feedback as most of time may be the plugin (like flash or recent add on plugin, if any) in or background AV on demand contributing this, another quick means is to try disabling just EAF & Stack Pivot (not EAF+) and it has worked for most (including other using IE11 on Windows 7 32)
https://social.technet.microsoft.com/Forums/security/en-US/d1ff5dad-9d92-4b95-87ec-c026a69663fc/ie-10-crash-with-emet-5?forum=emet

also note - Apparently the design decision was made in EMET 5 to disable Flash for the internet zone. I rather turn it on and have ActiveX filtering disable Flash except for a few select websites. probably has to drill the EMET v5 default disabling ...

https://social.technet.microsoft.com/Forums/security/en-US/0902e272-40b4-4fdd-8a1d-f6f98a17e67f/emet-50-tp-ie-11-flash-broken?forum=emet
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Rich RumbleSecurity SamuraiCommented:
We've seen EMET 5.0 crashing, but not 4.1, but only when our 64-bit users close IE or Office mostly, the applications simply restart.the programs thinking they didn't exit cleanly. We tried disabling EAF, EAF+ and Stack Pivot. I'm not sure why, so we've had to stick to 4.1 so far for our 64-bit users.
-rich
0
Steelers4lifeAuthor Commented:
Thanks we removed it to stop the bleeding. We were using 4.1 on 64 bit maxhines
0
btanExec ConsultantCommented:
thanks for sharing, meanwhile, there is a unpatched zero day CVE-2014-6352 which MS advisory stated EMETv5 as workard using the ASR (for flash*.ocx;packager.dll) - it disabled EAF, EAF+ & Stack Pivot for "dllhost.exe" but enabled them for the "POWERPNT.EXE". There is UAC enabled as well. You may want to take note for decision making in this period of exposure
https://technet.microsoft.com/en-us/library/security/3010060.aspx
0
Steelers4lifeAuthor Commented:
Neither of these really solved the problem but I give credit to anyone that helps.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows 7

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.