Earlier this month, Microsoft announced it would be retiring its Enhanced Mitigation Experience Toolkit (EMET), once the tool reaches its current end of life cycle, in July 2018. Now security researchers are urging to company to keep the tool around as it still offers increased security over native Windows 10 controls.
EMET has proven to be a very valuable tool for those looking to keep older versions of Windows secure, offering many security features on top of those built into the operating system. However, Microsoft is arguing for its retirement, citing that many of the EMET tools have now been built natively in Windows 10, and that a native, evolving solution offers better protection that a system that’s just thrown on top of the OS.
However, according to Carnegie Mellon University CERT, and one of its researchers Will Dormann, Microsoft is ignoring one of the primary functions of EMET: forcing applications to use security features. Dormann explains that even a Windows 7 machine running EMET can be more secure than a standard Windows 10 system, because the security tool gives users control over which security protocols get forced on apps.
Though Dormann admits that Windows 10 is a step forward in terms of security, he mentions that all the new security features bakes into the OS become useless if apps and programs aren’t coded to take advantage of them. It was here where EMET showed its worth, by forcing programs to run more securely.
Once EMET reaches its end of life in July 2018, it will no longer be patched or receive any updates, leaving many users relying on older software very vulnerable to exploits.