This article describes the Enhanced Mitigation Experience Toolkit. A link is provided to download the toolkit.
What is the Enhanced Mitigation Experience Toolkit?
The Enhanced Mitigation Experience Toolkit (EMET) is a utility that helps prevent vulnerabilities in software from being successfully exploited. EMET achieves this goal by using security mitigation technologies. These technologies function as special protections and obstacles that an exploit author must defeat to exploit software vulnerabilities. These security mitigation technologies do not guarantee that vulnerabilities cannot be exploited. However, they work to make exploitation as difficult as possible to perform.
EMET 4.0 and newer versions also provide a configurable SSL/TLS certificate pinning feature that is called Certificate Trust. This feature is intended to detect man-in-the-middle attacks that are leveraging the public key infrastructure (PKI).
Are there restrictions as to the software that EMET can protect?
EMET can work together with any software, regardless of when it was written or by whom it was written. This includes software that is developed by Microsoft and software that is developed by other vendors. However, you should be aware that some software may not be compatible with EMET. For more information about compatibility, see the "Are there any risks in using EMET?" section.
What are the requirements for using EMET?
EMET 3.0 requires the Microsoft .NET Framework 2.0.
EMET 4.0 and 4.1 require the Microsoft .NET Framework 4.0. Additionally, for EMET to work with Internet Explorer 10 on Windows 8, KB2790907
must be installed.
Where can I download EMET?
To download EMET, go to the related Microsoft TechNet page:
How do I use EMET to protect my software?
After you install EMET, you must configure EMET to provide protection for a piece of software. This requires you to provide the name and location of the executable file that you want to protect. To do this, use one of the following methods:
- Work with the Application Configuration feature of the graphical application.
- Use the command prompt utility.
To use the Certificate Trust feature that is available in EMET 4.0 and newer versions, you have to provide the list of the websites that you want to protect and certificate pinning rules that apply to those websites. To do this, you have to work with the Certificate Trust Configuration feature of the graphical application. Or, you can use the new Configuration Wizard. This enables you to automatically configure EMET with the recommended settings. Note
Instructions for how to use EMET are in the user's guide that is installed together with the toolkit.
How can I deploy EMET across the enterprise?
The easiest way to deploy the current version of EMET across an enterprise is by using enterprise deployment and configuration technologies. The current versions have built-in support for Group Policy and System Center Configuration Manager. For more information about how EMET supports these technologies, please refer to the EMET user's guide.
You can also deploy EMET by using the command prompt utility. To do this, follow these steps:
- Install the .msi file on each destination computer. Or, put a copy of all the installed files on a network share.
- Run the command prompt utility on each destination computer to configure EMET.
Are there any risks in using EMET?
The security mitigation technologies that EMET uses have an application-compatibility risk. Some applications rely on exactly the behavior that the mitigations block. It is important to thoroughly test EMET on all target computers by using test scenarios before you deploy EMET in a production environment. If you encounter a problem that affects a specific mitigation, you can individually enable and disable that specific mitigation. For more information, refer to the EMET user's guide.
What is the latest version of EMET?
A new version of EMET was made available on November 12, 2013. For more information about the latest version of EMET, go to the following TechNet website:
How can I get support for EMET?
Customers who are using EMET 3.0, EMET 4.0, or EMET 4.1, and who have access to Microsoft Services Premier and Professional Support, can receive fee-based advisory support through these channels. Customers who do not have Premier or Professional contracts can receive support through the following official support forum: