QUOTE
28 October 2009, 14:09
Free tool from Microsoft hardens programs against attack
Microsoft has released a free tool for retroactively hardening applications against known attacks, without recompiling the program with a special compiler flag. The Enhanced Mitigation Evaluation Toolkit (EMET) allows developers and administrators to activate specific protection mechanisms in compiled binaries without requiring access to the source code. EMET is currently able to prevent or impede four attack techniques.
Structured Exception Handler Overwrite Protection (SEHOP) aims to prevent (structured) exception handlers (SEH) from being overwritten on the stack or in the data segment. In contrast to overwriting return addresses using buffer overflows, in this attack scenario attackers execute their code by misdirecting function pointers. Further information can be found in the article " A Heap of Risk - Buffer overflows on the heap and how they are exploited" on The H Security.
More:
http://www.h-online.com/security/news/item...ack-843914.html
Free tool from Microsoft hardens programs against attack
Microsoft has released a free tool for retroactively hardening applications against known attacks, without recompiling the program with a special compiler flag. The Enhanced Mitigation Evaluation Toolkit (EMET) allows developers and administrators to activate specific protection mechanisms in compiled binaries without requiring access to the source code. EMET is currently able to prevent or impede four attack techniques.
Structured Exception Handler Overwrite Protection (SEHOP) aims to prevent (structured) exception handlers (SEH) from being overwritten on the stack or in the data segment. In contrast to overwriting return addresses using buffer overflows, in this attack scenario attackers execute their code by misdirecting function pointers. Further information can be found in the article " A Heap of Risk - Buffer overflows on the heap and how they are exploited" on The H Security.
More:
http://www.h-online.com/security/news/item...ack-843914.html