Windows 10 might be more secure, but CERT wants Microsoft to keep EMET alive

Microsoft is running into a bit of a conundrum as it looks to transition Windows from the legacy toting tractor-trailer operating system it used to be; to a sleeker and more refined future proof cross-platform experience. The problem, is that the new vision Microsoft has for Windows 10 seems to be truncated by its newness a lot of the time.

Despite Microsoft’s pillar of security regarding Windows 10, Enhance Mitigation Experience Toolkit customers are claiming the baked in EMET features in Windows 10 are nice, but not up to Windows 7 stuff.

According to a report from InfoWorld, “Even a Windows 7 system with EMET configured protects your application more than a stock Windows 10 system,” said Will Dormann, a vulnerability analyst with the Computer Emergency Response Team (CERT) at Carnegie Mellon University’s Software Engineering Institute.

The reason this matters is that Microsoft is looking to extract itself from supporting EMET due to the baked in security measures and exploit migration tools already accompanying Windows 10. Many are arguing that Windows 10 as a standalone product still does not provide the level of granular control or security supporting both Windows 10 and EMET 5.51 would provide.

The main crux of admin complaints stems from application defenses still lagging in functionality.

Windows 10 may be the most secure Windows ever, but the applications have to be compiled to utilize the exploit mitigation features to actually benefit from those enhanced security features. For example, if the application isn’t designed to use Control Flow Guard, then the application doesn’t benefit from Return-Oriented Programming (ROP) defenses, despite the fact that Control Flow Guard is part of Windows 10.

As Microsoft continues to evolve Windows 10, there is a possibility that engineering team builds in the missing feature sets EMET 5.51 user have grown dependent upon. However, until such a time, IT Pro will continue to protest Microsoft’s reluctance to either provide the proper tools and security or support ones already in place.

Share This
Further reading: ,

Which version of EMET are you or your business using and why?