Windows 10: EMET your enterprise for peak Windows security

Discus and support EMET your enterprise for peak Windows security in Windows 10 News to solve the problem; Microsoft has put many defensive technologies, like ASLR, DEP and SAFESEH into Windows over the years to mitigate against the exploitation of... Discussion in 'Windows 10 News' started by Brink, Dec 28, 2014.

  1. Brink
    Brink New Member

    EMET your enterprise for peak Windows security


    Read more...


    See also: Enhanced Mitigation Experience Toolkit (EMET) - Windows 7 Help Forums

    :)
     
    Brink, Dec 28, 2014
    #1

  2. Win10 Fall Creators Update (1709) EMET replacement for non-enterprise users

    If you open Windows Defender Security Center , under App and browser control, you will find Exploit Protection and you could set things like you have been doing in EMET. This feature is available in all editions of Windows 10 and there is no need to have
    enterprise version to use it. If you have home edition, you could use it. Actually Exploit protection is the replacement for EMET.
     
    Cyber_Defend_Team, Dec 28, 2014
    #2
  3. Win10 Fall Creators Update (1709) EMET replacement for non-enterprise users

    Microsoft has made a lot of noise about the integration of EMET protections directly into Windows 10. But as far as I can tell, what they've actually done is move a lot of it into place for Enterprise deployments. If you were using EMET on a standalone box,
    what do you replace it with? It doesn't seem like feature parity exists for you as an option anywhere in Windows 10 for non-enterprise users now, compared to being able to install EMET anywhere before.

    What I've read suggests these features are all moved into areas accessible only to enterprises. Are non-enterprise people just on their own again?
     
    MasterChiefmas, Dec 28, 2014
    #3
  4. Para Dox Win User

    EMET your enterprise for peak Windows security

    I cannot get EMET 5.2 certificate pinning to work in Windows 10.


    When I test EMET by pinning an incorrect Root CA certificate to the website, Windows 10 does not block website access like Windows 8.1 does.


    Has EMET certificate pinning been disabled in Windows 10 ? If so, has this functionality been superceded by a better technique ?


    I have searched high and low, and this anecdotal reference is the only thing I can find:
    "Windows 10 does not use certificate pinning, means someone can easily apply a man-in-the-middle-attack for each Microsoft cloud-access for example"

    .....
     
    Para Dox, Sep 14, 2015
    #4
  5. Para Dox Win User
    I partially resolved the problem.

    I noticed 'Event ID: 42' registered in the Event Log:

    "EMET detected that the SSL certificate for "www.mybank.com.au" is not trusted by the rule "My Custom Rule-MybankCA" associated with the domain "www.mybank.com.au"

    I had not checked the EMET checkboxes for "PublicKey Match" and "Blocking Rule".

    However, even when I check these checkboxes, then test using an incorrect Root CA certificate, it still only blocks access to the website and records Event ID 42 using IE11, but not when using Edge, Firefox, or Chrome browsers. This behavior is the same in both Windows 8.1 and Windows 10.

    Firefox and Chrome have the green light to indicate that they are running EMET. Edge does not have a green light even though it is configured to run EMET.

    Does anybody know how to get EMET certificate pinning to work using Edge, Firefox, or Chrome browsers ?

    ....
     
    Para Dox, Sep 14, 2015
    #5
  6. Para Dox Win User
    Page 28 of the EMET User Guide has instructions for 3rd Party browsers.

    I just configured the registry in both Windows 10 and Windows 8.1 as per those instructions .

    It still does not work for either Microsoft Edge, Firefox, or Chrome browsers.

    The EMET manual does say that the API support for 3rd party browsers is still experimental. I guess we will have to wait until the next EMET release for Edge support . Firefox and Chrome support .... anybody's guess.
     
    Para Dox, Apr 4, 2018
    #6
Thema:

EMET your enterprise for peak Windows security

Loading...
  1. EMET your enterprise for peak Windows security - Similar Threads - EMET enterprise peak

  2. Security NOT just an Enterprise thing

    in AntiVirus, Firewalls and System Security
    Security NOT just an Enterprise thing: Security is not only a concern for Enterprise business environments. So, while I have a break between sessions at iTech today...Whether for your personal data or in case of a hardware failure or an OS issue, security is your issue, ALSO, not just a business problem.1. Have...
  3. Tri Peaks

    in Windows 10 Software and Apps
    Tri Peaks: Partly to brag, and partly to clarify. Tonight I reached TriPeals level 2,000, which is Gold Gandmaster 321. Jim Simpson https://answers.microsoft.com/en-us/windows/forum/all/tri-peaks/942d1bbd-3a2a-43c6-82a8-8e175bac9f4a
  4. tri-peaks solitaire

    in Windows 10 Customization
    tri-peaks solitaire: How do I select the degree of difficulty? https://answers.microsoft.com/en-us/windows/forum/all/tri-peaks-solitaire/80948efe-632a-423c-a1f8-ba07aba56c78
  5. Window Enterprise Security

    in Windows 10 Network and Sharing
    Window Enterprise Security: Will Droid work on Window Enterprise Security? https://answers.microsoft.com/en-us/windows/forum/windows_10-networking/window-enterprise-security/079f9cbe-55cc-45a9-9208-fec0d3f18b64
  6. EMET or Malwarebytes Anti exploit?

    in AntiVirus, Firewalls and System Security
    EMET or Malwarebytes Anti exploit?: Just wondering what people are using for Windows 10? Apparently EMET can be easily exploited in Windows 10 and MB Anti exploit is recommended over it. Any opinions on this? Does the premium version of Anti exploit allow you to secure 3rd party apps as EMET is able to? 64470
  7. Microsoft: Windows 10, Edge so secure they don't need our EMET

    in AntiVirus, Firewalls and System Security
    Microsoft: Windows 10, Edge so secure they don't need our EMET: The company this week announced the officially Windows 10-compatible version 5.5 of EMET. However, it launches as a tool that Microsoft believes is now largely redundant, thanks to inbuilt security improvements it has made to Windows 10. Microsoft is so confident of how...
  8. EMET with "Secondary Log-on" service disabled

    in AntiVirus, Firewalls and System Security
    EMET with "Secondary Log-on" service disabled: Hi, Anyone please, is there any way to use EMET if "Secondary Log-on" service is disabled? Thank you. 69418
  9. EMET 5.5, Avira and BitLocker

    in AntiVirus, Firewalls and System Security
    EMET 5.5, Avira and BitLocker: Hello, This is my second attempt at using Windows 10. I couldn't get EMET working properly on the first try, but I decided to give it a final shot before going back to Arch Linux. So, my main problem: I can't enable DEP system-wide. EMET says that the BitLocker service...
  10. Microsoft: Edge so secure they don't need EMET anti zero-day shield

    in Windows 10 News
    Microsoft: Edge so secure they don't need EMET anti zero-day shield: Microsoft has released a Windows 10-compatible version of its seven-year-old anti zero-day tool but says the product is surplus to requirements for its latest OS and Edge browser. Since 2009, if Microsoft couldn't patch a software flaw before it came under attack, it would...