News

Microsoft Pushes Back EMET Support Deadline to 2018

Microsoft plans to shutter its Enhanced Mitigation Experience Toolkit (EMET) solution, though the process will take a little longer than originally expected.

EMET, which was designed to offer protections against common malware attack scenarios and exploit methods, has not performed to Microsoft's expectations, the company said last week. Microsoft admitted that EMET is just not up to the task of blocking potential zero-day software exploits.

Microsoft also indicated that EMET has interfaces into Windows that weren't part of the original Windows design, and that issue has caused performance and reliability problems for some users.

The last release of EMET, version 5.5, was designed to protect Windows 10, but "its effectiveness against modern exploit kits has not been demonstrated," Microsoft indicated.

Consequently, Microsoft is planning to stop supporting EMET after July 31, 2018. That date is actually an 18-month extension from the product's original lifecycle support end date. Microsoft extended EMET's life in response to customer feedback, the announcement explained.

Microsoft sees Windows 10 as having better built-in protections against exploits than EMET. It's also touting Windows 10's faster update releases as a security improvement for organizations. Some of EMET's protections are currently built into Windows 10.

"Windows 10 includes all of the mitigation features that EMET administrators have come to rely on such as DEP, ASLR, and Control Flow Guard (CFG) along with many new mitigations to prevent bypasses in UAC and exploits targeting the browser," Microsoft's announcement explained.

EMET's product lifecycle was extended from an original end date of Jan. 27, 2017, but Microsoft still prefers that organizations to move to Windows 10. "For improved security, our recommendation is for customers to migrate to Windows 10," the announcement stated.

At some point, EMET users wanting to move to Windows 10 will be getting a "detailed guide for administrators," Microsoft promised. However, it didn't say when that guide would arrive.

Microsoft touted a bunch of its Windows 10-associated technologies as adding improved security for organizations. The Microsoft Edge browser has a better focus on security, Microsoft claimed. Microsoft also has some virtualization-based security protections for Windows 10 to ward off exploits, such as "Device Guard, Credential Guard, and Windows Defender Application Guard (coming soon)."

Getting these protections typically requires having licensed the Enterprise edition of Windows 10. Device Guard lets organizations specify which applications can run on a device, but it requires having the Enterprise or Education editions of Windows 10. Credential Guard protects credentials against "pass-the-hash" or "pass-the-ticket" types of attacks, but it also requires having the Enterprise or Education editions.

Windows Defender Application Guard, announced during Microsoft's Ignite event, is an Edge browser protection scheme against malicious Web links. Application Guard will run malicious Web sites in a "temporary and isolated copy of Windows" so that personal and corporate data can't be accessed. This protection scheme is designed for use with the Windows 10 Enterprise edition. A preview of Windows Defender Application Guard is coming this year, and product rollout is expected next year.

About the Author

Kurt Mackie is senior news producer for 1105 Media's Converge360 group.

Featured

  • Closeup of the new Copilot keyboard key

    Microsoft Updates Copilot To Add Context-Sensitive Agents to Teams, SharePoint

    Microsoft has rolled out a new public preview for collaborative "always on" agents in Microsoft 365 Copilot, bringing enhanced, context-aware tools into Teams channels, meetings, SharePoint sites, Planner workstreams and Viva Engage communities.

  • Windows 365 Cloud Apps Now Available for Public Preview

    Microsoft announced this week that Windows 365 Cloud Apps are now available for public preview. This aims to allow IT administrators to stream individual Windows applications from the cloud, removing the need to assign Cloud PCs to every user.

  • Report: Security Initiatives Can't Keep Pace with Cloud, AI Boom

    The increasingly fast adoption of hybrid, multicloud, and AI systems is easily outgrowing existing security measures, according to a recent global survey by the Cloud Security Alliance (CSA) and exposure management firm Tenable.

  • World Map Image

    Microsoft Taps Nebius in $17B AI Infrastructure Deal To Alleviate Cloud Strain

    Microsoft has signed a five-year, $17.4 billion agreement with Amsterdam-based Nebius Group to expand its AI computing capabilities through third-party GPU infrastructure.