For Microsoft’s Enhanced Mitigation Experience Toolkit, EMET is one of the best and least-known security tools created by Microsoft. EMET is a simple yet effective software that uses specific mitigation techniques such as data execution prevention, table export address filtering, exception handling, structured override protection, etc., to add features. Additional security features to protect your installed apps from being exploited.

For example, installing Java and Internet Explorer are some vulnerable programs, and using EMET, you can protect these installed programs from common attacks. Most of the techniques used by EMET are built right into the Windows operating system, and EMET acts as an easy user interface to deal with all of the advanced security tools. So here’s how you can use EMET to protect your Windows computer.

EMET là gì và Cách Sử dụng nó để Bảo mật máy tính Windows

One thing to keep in mind when using this tool is that it won’t work well with older software. If you are using old software, EMET might not be for you as it can lead to some positives, and the apps might not work as they have to be due to compatibility issues.

Use the Enhanced Mitigation Experience Toolkit (EMET)

First, directly from Microsoft’s website and install it like any other software.

Tải EMET trực tiếp từ trang web của Microsoft.

During installation, select the “Use Recommended Settings” option in the configuration window and click the “Finish” button to continue.

Chọn tuỳ chọn 'Sử dụng Cài đặt được Đề xuất.'

Once installed, EMET will sit quietly in the taskbar, monitoring, and protecting supported apps. Just double-click on it to open the EMET window.

EMET sẽ ngồi lặng lẽ trong thanh tác vụ.

As you can see, EMET shows all running processes and system status in the main window.

EMET hiển thị tất cả các quy trình đang chạy và trạng thái hệ thống

After installing EMET, the first thing you need to do is to add all popular software to your apps list. Fortunately, Microsoft provides you with an XML file with the most popular software like Firefox, Chrome, Windows Media Player … To do that, select the option “Import” on the ribbon toolbar.

Chọn tùy chọn 'Nhập' trên thanh công cụ ribbon.

Now select the file “Popular Software.xml” and click the “Open” button to upload the file to EMET.

Chọn tệp 'Phổ biến Phần mềm.xml'.

Once you’ve added the files, either restart all apps or reboot your entire system to be sure.

Khởi động lại toàn bộ hệ thống để đảm bảo.

When you reboot, you can see all EMET-protected applications in the process section of the main window. Applications protected by EMET will have a green checkmark in the “Running EMET” section.

Các ứng dụng đang được EMET bảo vệ sẽ có dấu kiểm màu xanh lá cây.

In fact, by clicking the “Apps” button on the ribbon, you can see all the apps protected by EMET. In the window In the Application Configuration window, you can enable and disable individual mitigation policies for each application.

Bạn có thể bật và tắt từng chính sách giảm nhẹ riêng lẻ cho từng ứng dụng.

If you want to add your application to EMET, please click the “Add Application” button on the ribbon, select the application and click the “Open” button to complete the procedure. For example, I added the Sublime Text app to EMET.

Thêm ứng dụng của bạn vào EMET.

Once added, it will be listed in the Application Configuration window, and you can set up your mitigation policies just like any other application in this section.

Cửa sổ cấu hình ứng dụng EMET.

You can also quickly configure the security level by changing the profile in “Quick Profile Name” on the Ribbon interface. The recommended setting would be the “Recommended Security Settings” option.

Bạn có thể nhanh chóng cấu hình mức độ bảo mật.

If EMET finds any vulnerable program or one that doesn’t follow the rules, then it restricts the application from starting and displays a simple message letting you know that.

EMET sẽ hạn chế bất kỳ ứng dụng nào khi bắt đầu nếu cần.

As you can see, EMET detected an EAF (Export Address Table Access Filtering) and blocked the execution of the Thunderbird application. However, if you trust the application, you can change the application configuration window’s mitigation rules.

Furthermore, if you don’t like the EMET interface’s look, you can change the look by choosing one of the available skins from the “Skin” drop-down menu on the ribbon.

Bạn có thể thay đổi giao diện của giao diện EMET.

Conclusion

EMET is primarily aimed at administrators, and the software itself is super strict in applying its mitigation rules to applications. That being said, it can be used entirely by any Windows user, and if you are still using Windows XP for any reason, then using EMET would be a good thing to protect your PC.

There could certainly be compatibility issues with some apps, but the security provided by EMET is well worth it. Furthermore, Microsoft is actively developing the application for compatibility with more and more applications, so get it a try.

That’s all there is to do, and I hope that helps. Feel free to comment below, sharing your thoughts and experiences using EMET to protect your application from potential vulnerabilities and vulnerabilities.