March 13, 2015 at 11:32Microsoft released EMET 5.2
EMET has been updated to version 5.2 [ 1 ], [ 2 ], [ 3 ], [ 4 ]. In the new version, the company made a number of improvements, in particular, the libraries of EMET itself were compiled with support for the latest Visual Studio 2015 compiler function called Control Flow Guard (CFG) . Such a security function may relate to self-protection mechanisms of the executable legitimate code from outside interference (code hijacking).
The protection feature called Attack Surface Reduction (ASR)Added support for the VBScript Scripting Engine library (vbscript.dll), for which a large number of vulnerabilities were closed. Apparently, for this reason, he was on the ASR list. The library is used by Internet Explorer and attackers can remotely execute code in the browser if there is an RCE vulnerability in it.
Another internal EMET 5.2 feature called Enhanced Protected Mode / Modern IE allows EMET to receive information about the Enhanced Protected Mode (EPM) mode of Internet Explorer 11.
Download EMET 5.2 here .
The protection feature called Attack Surface Reduction (ASR)Added support for the VBScript Scripting Engine library (vbscript.dll), for which a large number of vulnerabilities were closed. Apparently, for this reason, he was on the ASR list. The library is used by Internet Explorer and attackers can remotely execute code in the browser if there is an RCE vulnerability in it.
Another internal EMET 5.2 feature called Enhanced Protected Mode / Modern IE allows EMET to receive information about the Enhanced Protected Mode (EPM) mode of Internet Explorer 11.
Enhanced Protected Mode / Modern IE: EMET now fully supports alerting and reporting from Modern Internet Explorer, or Desktop IE with Enhanced Protected Mode mode enabled.
Download EMET 5.2 here .