New research has found potential security loopholes in Microsoft’s EMET toolkit.
Microsoft’s Enhanced Mitigation Experience Toolkit (EMET), which is supposedly pretty secure, has just been bypassed by a security research firm called Bromium. This tool was designed specifically to protect systems from attacks, but the research findings claim that determined attackers can easily bypass Microsoft’s security system without much fuss.
“We found that EMET was very good at stopping pre-existing memory corruption attacks (a type of hacker exploit). But we wondered: is it possible for a slightly more technical attacker to bypass the protections offered in EMET? And yes, we found ways to bypass all of the protections in EMET,” Jared DeMott, Principal Security Researcher at Bromium, said.
When we get a closer look of Microsoft’s documentation of EMET, it is mentioned that the system is capable of blocking threats. However, there’s no mention of immunity from a potential vulnerability being exploited. Despite Bromium already issuing its findings to Microsoft, the Redmond based company is yet to acknowledge or debunk these exploits.
EMET is designed primarily to block the system from the attacks of Return Oriented Programming or ROP which has traditionally been used to execute malicious code onto the system. However, it seems like Microsoft has more serious issues to address. Not only does this latest finding reveal the potential security loophole in EMET, but also raises questions of Microsoft’s broad claims of security.
Further, the cost of exploitation will most likely go up as well, depending on the value of the data being hidden and protected. This raises several questions on the credibility of EMET.
Via: PC World