CERT tells Microsoft to keep EMET alive because it's better than Win 10's own security Microsoft should reverse its planned axing of the lauded Enhanced Mitigation Toolkit (EMET) as Windows 10 cannot yet match its level of security, according to Carnegie Mellon University CERT furniture Will Dormann. The vulnerability analyst, who has pushed out security alerts and advice from the world's first CERT for around a …
Also the only reason to run Windows at all is for older Applications.
So why would people want to "upgrade" from Win7 pro to Win 10?
Even Win7 32 bit is easier to run older programs on, though they OUGHT to work on Win Pro7 64bit. Just been through a huge heap of CDs to re-install on Win7 pro 64 that were all working on 32bit XP.
Only 2 worked / even installed:
One had text missing from all buttons on main menu level.
The other would only install DOS version (via DOSBOX, sound & mouse working) and wouldn't install the Windows version (which worked on XP) at all.
Windows 10 seems even worse for compatibility.
"Surely there are new versions of all these programs for Windows 7 or Windows 10?"
Er, no, unless it's a top selling payroll or accounts package. The developers are gone, or doing newer shiny games you don't want, also do you WANT to re-purchase all the programs you already bought?
I guess I need to install a VM with no Internet access. Stupid. WOW used to work. NTVDM used to work, now even 32 bit apps allegedly compatible with Vista as well as XP often won't run on Win7 64, though I suspect badly written installers as "new" 32 bit Windows applications (some of which work on XP) do install and run on Win7 pro 64 bit (but significantly from "Program Files (x86)" ).
Windows has turned into a mess going downhill.
Mines the one with two USB sticks in the pocket, Linux Mint cw Mate, 32 bit and 64 bit.
Any properly written Win32 application for Windows 2000 (and probably NT also) would work without issues in 7. Some relying on drivers or very low level stuff could have issues, but simple userland applications should have none. Those written as everything was still Windows 3.0 have issue, no surprise. Sometimes they could make working using compatibility modes, sometimes not.
There's an issue that some 32 bit applications came with 16 bit installers. Those won't work on 64 bit OS.
The lack of DOS (and thereby Win16) support in 64 bit OS isn't a Microsoft fault. The designers of x64 decided to remove some features, including the Virtual 86 mode, when the CPU runs in 64 bit mode. You'll need to use virtualization, but unluckily it means you need also valid licenses of DOS and Windows 3.x if you really need to use them (FreeDOS should work, though). Or use the XP VM that comes with 7.
Ummm... I don't get this.
Why should every new version of an OS support every bit of software that ever ran on previous versions?
The world moves on, technology moves on. A payroll or accounting package that was released back in 2001 alongside XP may no longer be compatible with modern legislation/requirements (electronic submission of returns to HMRC for example) so you'd need to update/replace it anyway.
Compatibility is just fine in Windows 7 and 8, but in x64 versions there is no 16 bit Windows compatibility due to hardware limitations.
What on earth are you running? DOS versions? I run all manner of crappy old kit and haven't run into compatibility issues. Any issues that do exist are usually down to the programs being poorly written in the first place.
It's *twenty years* since DOS and Windows 3.x died, do you think perhaps you could give Windows a break..
The report forgot to consider these important facts:
https://blogs.windows.com/business/2016/06/29/advancing-security-for-consumers-and-enterprises-at-every-layer-of-the-windows-10-stack/#51fixYEa5gL73Xlg.97
"We’ve also made substantial improvements to Microsoft Edge’s security with Windows 10:
- The use of our AppContainer sandboxing technology enables us to isolate the browser from the rest of the OS, apps and user data.
- A new plug-in model prevents plug-ins implemented with insecure designs from running.
- New mitigations in ASLR and Control Flow Guard harden the browser from code injection and memory corruption attacks to help defeat common exploit techniques, such as heap spraying and ROP.
- Untrusted and malicious fonts that were served by web pages and embedded in docs are now blocked and the font parsing code has been sandboxed."
Windows 10 includes all of the mitigation features that EMET administrators have come to rely on such as DEP, ASLR, and Control Flow Guard (CFG) along with many new mitigations to prevent bypasses in UAC and exploits targeting the browser. EMET's effectiveness against modern exploit kits has not been demonstrated on Windows 10, especially in comparison to the many security innovations built-in to Windows 10
"You mean the same Edge that was repeatedly p0wned by that Korean hacker?"
As far I remember the Korean hacker also hacked every other major browsers including Chrome on the same competition. He regularly does that. I wonder which browser you use! Internet Explorer sucked in security, Edge sucks in usability and features but it's security is now competitive with other leading browsers.
http://betanews.com/2016/11/01/microsoft-edge-is-most-secure-browser
according to NSS lab.
Edge?... Phffff! I just had to downgrade the security on a clients web site code because Edge throws it's toys out of the pram if it see the "crossorigin" attribute on a CDN source! Perfectly fine on other browsers. M$ still "at it" :(
I have never found an answer.
If MS says Windows 10 has all the EMET protections built in that's all well and good.
But are they switched on by default?
If you take DEP for example (the only one you have any control over) its still set to the same setting as Windows XP days which is 'hardly worth bothering'.
Can the Reg get a statement from MS on this? How and where are they all enabled?
Windows 10 includes all of the mitigation features that EMET administrators have come to rely on such as DEP, ASLR, and Control Flow Guard (CFG) along with many new mitigations to prevent bypasses in UAC and exploits targeting the browser. EMET's effectiveness against modern exploit kits has not been demonstrated on Windows 10, especially in comparison to the many security innovations built-in to Windows 10
I hope it is coincidence and not prescience, but the castle in the photograph at the top of the article is Bodiam.
Bodiam was one of the last, if not the last, castle licensed to be built in England. It wasn't built to defend anything, it was built for show. The curtain walls would have crumbled as soon as an enemy looked at them.
Is Win 10 security any better than Bodiam's?
+100 - more and more of my customers are moving to Mint when they see how much faster, familiar and easier it is over W, w, w, w, w, w - I can't bring myself to say it, don't want to make my mouth dirty :-)
-100 for the MS dead donkey floggers that down vote negative (to MS) - but often funny - comments.
My experience has been the exact opposite. I can't give Linux away.
I've told customers they can shave £100 off a box and it will do everything they need but nope, they won't have it. Has to be Windows.
In 8 years of business I've not managed to shift one box with Linux on it.
I have thought of telling them it costs £75 instead of £100 (whatever) as it seems free has a bad image.
I dunno.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2025
