it.ucsf.edu

Security Update:Vulnerability in Microsoft Enhanced Mitigation Experience Toolkit (EMET) - Upgrade to 5.5

Status Type

Security Update

Date and Time

Tuesday, February 23, 2016 - 13:09

Reason

Security Update

Impact

 Microsoft Enhanced Mitigation Experience Toolkit (EMET) System Administrators

 

WHAT HAPPENED?
The United States Computer Emergency Response Team (US-CERT) is aware of a vulnerability in Microsoft Enhanced Mitigation Experience Toolkit (EMET) that may allow a remote attacker to bypass or disable EMET to take control of an affected system.

Advanced Users: For a complete description of the vulnerability refer to FireEye’s Using EMET to Disable EMET - https://www.fireeye.com/blog/threat-research/2016/02/using_emet_to_disab...


AFFECTED SYSTEMS:

  • Enhanced Mitigation Experience Toolkit (EMET) versions prior to 5.5


WHAT'S THE PROBLEM?
(EMET) is designed to help customers with their defense in depth strategies against cyberattacks, by helping detect and block exploitation techniques that are commonly used to exploit memory corruption vulnerabilities. Exploitation of this vulnerability may allow a remote attacker to bypass or disable EMET to take control of an affected system.


HOW DO I PROTECT MY COMPUTER?
Applicable to System Administrators who deployed EMET (not general computer users):


RELATED LINKS