Next Version Of Windows 10 Could Have In-Built EMET Anti-Exploit Program

It seems Microsoft is planning to build its EMET anti-exploit tool into the kernel of Windows 10 Creator Update (also known as RedStone 3), which is expected to release in September/October 2017.

So you may not have to separately download and install EMET in the upcoming version of the Windows 10. 

windows, windows 10, technology, technews, tech, security, computer security, privacy, microsoft,



If true, this would be the second big change Microsoft is making in its Windows 10 Fall update after planning to remove SMBv1 to enhance its users security.

EMET or Enhanced Mitigation Experience Toolkit, currently optional, is a free anti-exploit toolkit for Microsoft's Windows operating systems designed to boost the security of your computer against complex threats such as zero-day vulnerabilities.



"EMET helps protect your computer systems even before new and undiscovered threats are formally addressed by security updates and antimalware software," Microsoft site reads.

Basically EMET detects and prevents buffer overflows and memory corruption vulnerabilities, often used in zero-day attacks.

A few EMET features are already built into Windows 10 including DEP (Data Execution Prevention) and ASLR (Address Space Layout Randomization), but the current version of Windows 10 doesn't offer the same level of protection as Windows 10 with EMET installed.

The following chart, created by researchers from Carnegie Mellon University's Software Engineering Institute, clearly indicates that Windows 10 with EMET offers better protection than alone Windows 10 does.



Since Microsoft has already announced that the company will discontinue the support of EMET in July 2018, we believe the company has planned to built-in support for all remaining EMET features in the next version of Windows 10.

"There are no plans to offer support or security patching for EMET after July 31, 2018. For improved security, our recommendation is for customers to migrate to Windows 10," Microsoft said last year.

tweet from Alex Ionescu, Windows security expert, with a screenshot hints that Microsoft may release its next stable version of Windows 10 with "built-in EMET into the kernel."

Also, we noticed that Alex's tweet was later retweeted by at least two security researchers from Microsoft team, which indirectly confirms the news.


However, we tried to reach out to two of the Microsoft researchers, one of them hasn't responded yet, while other denied commenting at this moment.

EMET provides both system-wide as well as application-specific protection, which works by watching internal operating system operations for known security exploits and holes, and blocking attacks both on the OS and third-party applications.

The tool also mitigates the system against the well-known "untrusted fonts" attack, which is often leveraged in Web-based cyber attacks to compromise PCs and install malware.

Besides this, EMET also offers buffer overflow protection to applications that may be vulnerable to stack and buffer overflow attacks that malware uses to interact with the operating system.

So, let's just wait for the big news to be confirmed by Microsoft.


RELATED ARTICLES