Researchers bypass Redmond's EMET, again

Researchers have again disarmed Microsoft's lauded Enhanced Mitigation Experience Toolkit (EMET) defence tool, and criticised Redmond for not improving its security controls by much. Offensive Security researchers, the brains behind the Kali Linux security platform and the gents that popped Version 4, examined the advanced …

  1. Mikel

    EMET was always the wrong end of the problem.

    But I expect nothing else.

    1. Anonymous Coward

      Re: EMET was always the wrong end of the problem.

      EMET is a sensible thing to pursue - it makes exploits harder to achieve. I note that other OSs have subsequently implemented a number of the technologies introduced in that toolset.

      The other end of the problem is also important as in code quality and secure by design - and Microsoft are leading the field in that - a massive reduction in number of vulnerabilities in the last decade - and Microsoft now have much lower vulnerability counts versus all of the following direct competitors such as OS X and enterprise Linux flavours in the OS space, Chrome versus IE in the browser space, Oracle and MySQL versus MS SQL in the database space, .Net versus Java in the CLR space, IIS versus Apache in the Webserver space, Windows Phone versus Blackberry, Android and iOS in the mobile space, etc, etc.

      Microsoft's IIS recently became the most popular webserver by market share - largely because it has a consistent record for a good number of years now of being much less likely to be successfully remotely hacked than most competing options.

      1. Anonymous Coward

        Re: EMET was always the wrong end of the problem.

        "I note that other OSs have subsequently implemented a number of the technologies introduced in that toolset."

        Indeed several OSs implemented them several years before MS did.

        The Linux PaX project first coined the term "ASLR". It published the first design and implementation of ASLR in July 2001. (http://en.wikipedia.org/wiki/Address_space_layout_randomization).

        Microsoft's Windows Vista (released January 2007) and later have ASLR enabled for only those executables and dynamic link libraries specifically linked to be ASLR-enabled.[14] For compatibility, it is not enabled by default for other applications. (same ref.)

      2. Anonymous Coward

        Re: EMET was always the wrong end of the problem.

        "Microsoft's IIS recently became the most popular webserver by market share - largely because it has a consistent record for a good number of years now of being much less likely to be successfully remotely hacked than most competing options."

        OK, I'll bite. I've got five minutes so I'll go for the low hanging fruit.

        Let's take a quick look at web server market share.

        Looks like Apache and Nginx win here, putting IIS in third place:

        http://w3techs.com/technologies/overview/web_server/all

        But wait! For parked (unused) sites we may have a statistic:

        http://news.netcraft.com/archives/2014/09/24/september-2014-web-server-survey.html

        Now the statement that this is simply because IIS has such a good track record now? I can't find any proof of that correlation anywhere. Active (i.e. actually used) websites paint quite a different picture though, so take whatever stats you like there.

        It's also worth noting out of interest that for the top sites Apache is decreasing slowly but that slack seems to be taken up by Nginx. IIS has been slowly trending downwards there and doesn't show any signs of picking up.

        Meanwhile a list of most reliable web hosts from the same site as above doesn't mention Windows at all:

        http://news.netcraft.com/archives/2014/10/02/most-reliable-hosting-company-sites-in-september-2014.html

        Like anything in life, you can cherry pick any data you like and draw your own conclusions.

  2. Anonymous Coward

    "The other end of the problem is also important as in code quality and secure by design - and Microsoft are leading the field in that - a massive reduction in number of vulnerabilities in the last decade - and Microsoft now have much lower vulnerability counts versus all of the following direct competitors such as OS X and enterprise Linux flavours in the OS space, Chrome versus IE in the browser space, Oracle and MySQL versus MS SQL in the database space, .Net versus Java in the CLR space, IIS versus Apache in the Webserver space, Windows Phone versus Blackberry, Android and iOS in the mobile space, etc, etc.

    Microsoft's IIS recently became the most popular webserver by market share - largely because it has a consistent record for a good number of years now of being much less likely to be successfully remotely hacked than most competing options."

    Yawn. Lots of assertions, no facts (drew a line through it so I'm not giving it credence by repeating it). Recycle..

    1. Chemist

      "Yawn. Lots of assertions...."

      You're generous! Seems more like his usual bowel movements.

    2. Anonymous Coward

      "Lots of assertions,"

      Not hard to go validate them via Google. All those claims look correct to me. You can get pedantic and argue that a Linux distribution isn't a fair comparison - but as stated - Windows has fewer vulnerabilities - is entirely correct - at least versus say Red Hat and SUSE. Ditto the rest of it as far as I can see. Do feel free to provide factual examples of any actual errors?

      "no facts"

      There is a list of very specific factual examples. Unlike your very poor opinion piece that you link to that shows that you are so far out of the mainstream as to be an utter irrelevance. "using a blend of Apple front ends and Linux back ends" - you won't find many FTSE 500s doing that.

      1. Anonymous Coward

        "You can get pedantic and argue that a Linux distribution isn't a fair comparison - but as stated - Windows has fewer vulnerabilities - is entirely correct - at least versus say Red Hat and SUSE. Ditto the rest of it as far as I can see. Do feel free to provide factual examples of any actual errors?"

        Nice try, but I don't have to prove a negative, you have to prove your original assertions. A little tip: if you're trying to use the Secunia database for it, be honest and add up all the versions of Windows. And leave out all the bugs that are applications, not core OS. You'll find that your assertion is then about as robust as Windows security - shaky at best.

        1. Anonymous Coward

          "Nice try, but I don't have to prove a negative"

          Fine - so by your logic I don't have to prove a positive. The reader can do their own research - and it's not hard to validate all of the above.

          "if you're trying to use the Secunia database for it, be honest and add up all the versions of Windows."

          That wouldn't work as some vulnerabilities affect more than one version of Windows so you would be counting the same issue multiple times. And we are not adding up all the bugs for different versions of Linux (for instance SUSE 10 is on over 4,000), so why would we do so for Windows?

          "And leave out all the bugs that are applications, not core OS"

          Jeff Jones already did that work for a 'feature matched' Linux install - Windows still has far fewer vulnerabilities that are on average fixed faster (fewer days at risk).

          1. Anonymous Coward

            "That wouldn't work as some vulnerabilities affect more than one version of Windows so you would be counting the same issue multiple times. And we are not adding up all the bugs for different versions of Linux (for instance SUSE 10 is on over 4,000), so why would we do so for Windows?"

            I note with interest that you have as yet to mention a single trustworthy source that supports your assertions. QED.

  3. logistix

    Show us the video again but with the firewall turned on or with ZoneAlarm installed. Pretty sure it won't be as easy peasy.

    1. Tom 13

      Re: Show us the video again

      I'm also curious how it fares on 64 instead of 32 bit systems. I don't think I've done a 32-bit install for anything except XP and prior. Even the pre-SP1 install I did of Vista on a home system was 64-bit.

  4. Fuh Quit

    It's like a house with a burglar alarm

    A computer with EMET is going to be harder to attack, just like the house.

    Which one would you choose if you were a burglar? (cue the people saying the one with the alarm because there must be something worth stealing :D)

    Have a beer everyone, it's Friday :)

    1. Anonymous Coward

      Re: Which one would you choose if you were a burglar?

      The one that looked like it had stuff worth stealing.
