Microsoft released a beta version of the Enhanced Mitigation Experience Toolkit 4.0 back in April this year promising that the final version would follow in the coming months. The release of version 4.0 of EMET came as a surprise to many, as the company decided to skip EMET 3.5 final after having released a technical preview version of it before.
The Enhanced Mitigation Experience Toolkit improves security significantly on Windows systems. It is not a first-line of defense product such as antivirus programs or firewalls, but steps in when malware managed to sneak by those defense. This can for instance be the case for new 0-day vulnerabilities that have not been patched yet.
EMET mitigates common exploit techniques so that code that is making use of them cannot execute properly on the system so that malware attacks are blocked by the application before they infect the PC.
Tip: check out our advanced guide for EMET to get the most out of the security application.
You are probably wondering what is new in the final release. The first thing you will notice in this regard is the new configuration wizard that pops up after installation.
Here you can select to keep existing settings or use recommended settings. You may want to keep your existing settings of EMET if you have made modifications to the application previously on your system.
The recommended settings option resets all existing application configuration settings, adds protections for common programs such as Internet Explorer, Oracle Java, Microsoft Office or Adobe Reader, adds Certificate Trust rules for popular services such as Twitter, Facebook and Yahoo, and enables reporting.
Remember that you can export data in the program so that you may want to back up your customizations in the version installed on a system before you run the installer to install the new EMET 4.0 version on your system. You can then import the data backup that you have saved earlier.
The main program window has been redesigned. First thing you may want to do is switch the Office 2013 skin to EMET Style or another theme that improves the overall look and feel of the program interface. And yes, there is a Ribbon now but it is not that bad as all options are displayed in it and you do not need to switch between different tabs here.
How to disable early warning reports
If you do not want to send data to Microsoft when EMET detects attacks, uncheck the Early Warning option in the reporting ribbon at the top of the main window. Here you can also disable the tray icon or Windows Event logging.
I suggest you start with the excellent user guide that Microsoft has released as it will answer many of the questions that you may have about the application.
First thing you may want to do after installation is click on Apps to find out which apps are currently protected by the application.
Here you should see a list of executable files and the mitigation techniques they are protected by. You can add new applications easily using the menu at the top and decide whether you want exploits to be stopped dead in their tracks or audited only.
EMET 4.0 ships with three protection profiles that Microsoft has created for the program. You can import them from the main menu with a click on Import. The popular software profile adds support for programs such as Firefox, Foxit Reader, Adobe Photoshop or Skype to EMET automatically.
EMET can be downloaded from Microsoft's Download Center. Note that you do need to uninstall EMET 4.0 Beta if you are running it on the system before you install the update. That was at least the case on my system where the Beta version was detected as a newer version.
Update: The latest, and last version of EMET is 5.52 which is available as a download from Microsoft's website.
The application is compatible with all client and server operating systems from Windows XP SP3 and Windows Server 2003 SP1 onwards.
The Enhanced Mitigation Experience Toolkit 4.0 is one of the must-install programs that Microsoft makes available for its operating systems. It is unobtrusively running in the background protecting your system against 0-day exploits and malware that slipped by your antivirus solution.Advertisement
Ghacks is a technology news blog that was founded in 2005 by Martin Brinkmann. It has since then become one of the most popular tech news sites on the Internet with five authors and regular contributions from freelance writers.