Skip to main content

Enhanced Mitigation Experience Toolkit

Notice

End of Life Statement

We have listened to customers' feedback regarding the January 27, 2017 end of life date for EMET and we are pleased to announce that the end of life date is being extended 18 months. The new end of life date is July 31, 2018. There are no plans to offer support or security patching for EMET after July 31, 2018. For improved security, we recommend that customers migrate to the latest version of Windows 10.


Protect Your Enterprise

 

 

The Enhanced Mitigation Experience Toolkit (EMET) is designed to help customers with their defense in depth strategies against cyberattacks, by helping detect and block exploitation techniques that are commonly used to exploit memory corruption vulnerabilities. EMET anticipates the most common actions and techniques adversaries might use in compromising a computer, and helps protect by diverting, terminating, blocking, and invalidating those actions and techniques. EMET helps protect your computer systems even before new and undiscovered threats are formally addressed by security updates and antimalware software. EMET benefits enterprises and all computer users by helping to protect against security threats and breaches that can disrupt businesses and daily lives.


Helps customers with their defense in depth strategies


EMET helps protect against new and undiscovered threats even before they are formally addressed through security updates or antimalware software. EMET includes 14 security mitigations that complement other defense in-depth security measures, such as Windows Defender and antivirus software. EMET installs with default protection profiles, which are XML files that contain preconfigured settings for common Microsoft and third-party applications.


Works well for the enterprise


Enterprise IT professionals can easily deploy EMET through Microsoft System Center Configuration Manager and apply Group Policies in Windows Active Directory to comply with enterprise account, user, and role policies. Administrators can customize and configure EMET deployments and determine which applications they want to protect through which mitigation techniques.


Even for enterprise legacy software that cannot easily be rewritten, or for software being phased out where the source code is not available, EMET provides mitigation protections. The reporting capabilities in EMET are provided through a component called the EMET Agent, which allows enterprises to create logs and notifications for audit purposes.


EMET customer support is available through Microsoft Premier Support Services.


Helps protect in a wide range of scenarios


EMET is compatible with most commonly used third-party applications at home and in the enterprise, from productivity software to music players. EMET works for a range of client and server operating systems used at home and in the enterprise**. When users browse secure HTTPS sites on the Internet or log on to popular social media sites, EMET can help further protect by validating Secure Sockets Layer (SSL) certificates against a set of user-defined rules.


EMET Security MitigationsIncluded
Attack Surface Reduction (ASR) MitigationIncluded checkmark icon 1
Export Address Table Filtering (EAF+) Security MitigationIncluded checkmark icon 2
Data Execution Prevention (DEP) Security MitigationIncluded checkmark icon 3
Structured Execution Handling Overwrite Protection (SEHOP) Security MitigationIncluded checkmark icon 4
NullPage Security MitigationIncluded checkmark icon 5
Heapspray Allocation Security MitigationIncluded checkmark icon 6
Export Address Table Filtering (EAF) Security MitigationIncluded checkmark icon 7
Mandatory Address Space Layout Randomization (ASLR) Security MitigationIncluded checkmark icon 8
Bottom Up ASLR Security MitigationIncluded checkmark icon 9
Load Library Check – Return Oriented Programming (ROP) Security MitigationIncluded checkmark icon 10
Memory Protection Check – Return Oriented Programming (ROP) Security MitigationIncluded checkmark icon 11
Caller Checks – Return Oriented Programming (ROP) Security Mitigation*Included checkmark icon 12
Simulate Execution Flow – Return Oriented Programming (ROP) Security Mitigation*Included checkmark icon 13
Stack Pivot – Return Oriented Programming (ROP) Security MitigationIncluded checkmark icon 14
Windows 10 untrusted fonts***Included checkmark icon 15


* Available and applicable only to 32-bit processes
"*** Available on EMET 5.5x, and available only for Windows 10 (versions 1507, 1511 and 1607)."

"** EMET 5.2 and 5.5x support Windows Vista Service Pack 2, Windows 7 Service Pack 1, Windows 8, Windows 8.1, Windows Server 2008 Service Pack 2, Windows Server 2008 R2 Service Pack 1, Windows Server 2012, Windows Server 2012 R2. EMET 5.5x also supports Windows 10 (versions 1507, 1511 and 1607)."

Featured Video

EMET Video thumbnail image

Downloads

Customer Feedback

“EMET breaks commodity malware and raises the cost of developing exploits for more sophisticated attackers. System administrators should consider adding EMET to their environment as an additional exploit mitigation layer.”- Brad Arkin, Chief Security Officer at Adobe Systems, MSRC Progress Report

“EMET prevents malware from exploiting vulnerabilities, period! There are many documented cases showing how EMET blocked new malware found in the wild. EMET is a must-have for your workstations.” - Didier Stevens, Contraste Europe NV and author of HeapLocker, MSRC Progress Report

"We use only Windows on our desktops, and only with EMET.”- Brad Spengler grsecurity.net, MSRC Progress Report

EMET 2 Video thumbnail