Microsoft is moving beyond the realm of a software that they launched 7 years ago – Enhanced Mitigation Experience Toolkit (EMET). The company today announced that EMET was a path-breaking software in the early days but had been too slow to push security updates fast enough with Windows 10.
EMET to be phased out
For Microsoft, Enhanced Mitigation Experience Toolkit proved useful for a couple of reasons. First, it allowed them to interrupt and disrupt many of the common exploit kits employed by attackers at the time without waiting for the next Windows release. Second, they were able to use EMET as a place to assess new features in their latest Windows versions.
But the real problem came with the evolution of features in their PC operating systems. EMET, not being an integrated part of their system, isn’t able to provide any robust solutions towards exploits happening in this day and age. Not surprisingly, one can find easy bypasses, readily available online to circumvent EMET.
Apart from that, EMET isn’t exactly compatible with the OS’s of today. It clings onto the low-level areas of the operating system in ways they weren’t originally designed.
So, user feedback led to the inevitable demise of EMET, and all of its features are now being incorporated into the system itself. Windows as a Service is the new program to replace EMET, and it has already been updated twice since its launch in 2015.
…we have listened to customers’ feedback regarding the January 27, 2017 end of life date for EMET and we are pleased to announce that the end of life date is being extended 18 months. The new end of life date is July 31, 2018. There are no plans to offer support or security patching for EMET after July 31, 2018, says Microsoft.
Services like Microsoft Edge, Windows Defender, Device Guard and Credential Guard have all been designed keeping security as the priority. Windows 10 includes all of the mitigation features that EMET administrators have come to rely on such as DEP, ASLR, and Control Flow Guard (CFG) along with many new mitigations to prevent bypasses in UAC and exploits targeting the browser.
Microsoft is, therefore, recommending that users upgrade to Windows 10 to get the best security features.