Hackers use Microsoft security tool to pwn Microsoft security tool

JMH

FireEye security wonks Abdulellah Alsaheel and Raghav Pande have twisted the barrels of Microsoft's lauded EMET Windows defense gun 180 degrees and fired.

Or in other words, they've found a way to disable Redmond's Enhanced Mitigation Experience Toolkit using the Enhanced Mitigation Experience Toolkit. EMET injects anti-malware defenses into applications and traps suspicious behaviors.

Windows 10 has much of EMET's technology baked in save for some newly added features in the latest version 5.5 – which is available now and patched to remove the weaknesses found by Alsaheel and Pande.

The duo say their research targets an area of EMET code that switches off EMET. Once a hacker has code execution inside an application, he or she can call a function within EMET to disable EMET. It's as simple as that.
Hackers use Microsoft security tool to pwn Microsoft security tool • The Register
 
