Security 10812 Published by

Whitehats' ability to sidestep EMET strongly suggest criminal hackers can, too.



From Ars Technica:
Researchers have developed attack code that completely bypasses Microsoft's zero-day prevention software, an impressive feat that suggests criminal hackers are able to do the same thing when exploiting vulnerabilities that allow them to surreptitiously install malware.

The exploit code, which was developed by researchers from security firm Bromium Labs, bypasses each of the many protections included in the freely available EMET, which is short for Enhanced Mitigation Experience Toolkit, according to a whitepaper published Monday. Microsoft has long held out EMET as an important tool for extending the security of Windows computers. The proof-of-concept exploit shows the limitations of those protections. The Bromium exploit included an example of a real-world attack that was able to circumvent techniques designed to mitigate the damage malicious code can do when targeting security bugs included in third-party applications.
  New attack completely bypasses Microsoft zero-day protection app