Solved

EMET

  • 31 May 2012
  • 6 replies
  • 61 views

Userlevel 5
Badge +23
A quick question: is WSA compatible with EMET?
icon

Best answer by JimM 31 May 2012, 17:02

View original

6 replies

Userlevel 7
It looks like the most recent version of EMET has existed for over two weeks.  That's almost certainly been whitelisted by now.   Were you running into trouble with it?  If so, that is the sort of issue that would merit a support ticket.
Userlevel 5
Badge +23
No trouble to speak of, was just curious whether the two were compatible. Thanks for the response 🙂
Userlevel 7
I apologize for hijacking this thread ...
 
Today the tech headlines in our country have published a strong recommendation to install EMET v3.0 in order to address an issue that affects Internet Explorer 9 and earlier versions if a user views a website hosting malicious code. This will help prevent exploitation by providing mitigations to help protect against this issue and should not affect usability of websites. In addition it was suggested to set Internet and local intranet security zone settings to "High" to block ActiveX Controls and Active Scripting in these zones and configure Internet Explorer to prompt before running Active Scripting or to disable Active Scripting in the Internet and local intranet security zones. More to read at http://blogs.technet.com/b/msrc/ 
 
I am seriously considering Microsoft's warning but on the other hand wanting to avoid overstuffing of my laptop. Therefore I have a logical question whether WSA can stands against the threats which EMET is supposed to protect from or is it recommended also by Webroot to install EMET alongside WSA?
 
Thanks & regards,
pegas
 
EDIT: Germany went even further ... they summoned to quit using IE until Microsoft have issued a patch via Windows Update. So they don't recommend to install manual patch but to dig out IE in favour of another alternative browsers.
Userlevel 7
Badge +56
Even though the Exploit is there WSA will protect if any Malware try's to use it and in most cases it's the Blackhole exploit kit Malware and this Article points to "The attacks install the Poison Ivy backdoor Trojan" We need a patch from Mirosoft to fix this issue.
 
TH
Userlevel 7
Great info pegas,
 
Thanks for sharing. TH is right, Webroot will block the malware that makes it through the hole. Although it would add an extra layer of security, it is not necessary. :D
 
I think this information would be useful for others as well so I wrote an article relating to the Microsoft Security Advisory specifically.
 
Microsoft Security Advisory (2757760)
 

 

Userlevel 7
Thx TH and Mike for clarification. I am at ease that WSA is enough and I don't need to install EMET.

Reply