In the wake of Microsoft security advisory 2757760 (i.e. the recent
zero-day MSIE vulnerability), which mentions Microsoft's EMET tool
(Enhanced Mitigation Experience Toolkit) as a workaround, I keep hearing
rumours that EMET would be so complicated to install and configure that
users would be better served by migrating to another web browser.
In reality, installation is simple. Download EMET from http://www.microsoft.com/en-us/downl....aspx?id=29851
, run the
installer, launch 'EMET 3.0' from your Start menu, click 'Configure Apps'
and add Microsoft Internet Explorer (typically located at C:\Program
Files\Internet Explorer\iexplore.exe). If Internet Explorer is open, close
it; the next time you open it, it should be protected.
Also, the installation package includes a user guide that can be opened
through the Start menu (a PDF reader is needed). Finally, please note that
EMET is not specific to Microsoft Internet Explorer: it can be used to
mitigate attacks against a number of applications, including other web
browsers such as Mozilla Firefox and Opera.
Thor Kottelin http://www.anta.net/