EMET 5.5 Beta available now

Emet IconMicrosoft has released a Beta version of its EMET tool. You can download it from here: http://www.microsoft.com/en-us/download/details.aspx?id=49166 This was released back in October but I have been running version 5.2 for a long time, so I installed the new Beta version to see whats new. If you are running an older operating system such as Windows Vista or Windows 7, you probably won’t benefit from any new features much but if you are running Windows 10 or Server 2012r2, I would suggest trying it in a lab environment first before deploying it to any production environments.

Changes to the GUI interface include most noticeably a new section that says “Block Untrusted Fonts”. This setting is included to support Windows 10 only. Other new features include better configuration of various mitigations via GPO, however I am still trying to figure out how not to crash the app when clicking on the Group Policy button. There are also EAF/EAF+ pseudo-mitigation performance improvements. More information can be found on the technet blog.

The first bug I found on my Windows 10 system was that there is a new button that says Group Policy in the toolbar on the top left. I clicked the button and a box opened up that said the name of my domain at the top but it also said LOCAL GROUP POLICY and it eventually crashed the emet gui dashboard before anything else happened. I collected a dump and I’m analyzing it as it may be related to my Domain’s group policy settings anyway, so this may not affect you as it did over here. However, this crash happens on more than one computer so I sent it in to Microsoft’s Emet feedback.