The bullshit in this CERT/CMU article made me gag a little. https://insights.sei.cmu.edu/cert/2016/11/windows-10-cannot-protect-insecure-applications-like-emet-can.html …. Tldr; their chart/table/findings are all wrong.
-
-
Replying to @Mauro_Croci @aionescu
I've updated the NULL page info. What other mitigations are applied by Windows 10 to apps that don't opt in to them?
1 reply 0 retweets 0 likes -
Replying to @wdormann @Mauro_Croci
please see the documentation for SetProcessMitigationOptions. ALL can be set through registry and group policy on app
2 replies 1 retweet 2 likes -
Replying to @aionescu @Mauro_Croci
That function is what apps use to opt in to mitigations. I'm talking about apps that don't bother opting in. Ref?
4 replies 0 retweets 0 likes -
Replying to @wdormann @Mauro_Croci
look in the Windows headers -- ALL The bits are settable. MSDN is just out of date in the examples page.
2 replies 0 retweets 0 likes -
Replying to @aionescu @Mauro_Croci
So it's basically undocumented that it's supported, and also recommended that you don't attempt to try it?pic.twitter.com/XGMBZKF3CP
4 replies 0 retweets 0 likes -
Replying to @wdormann @Mauro_Croci
anyway, damage is done, countless mainstream media articles now claiming "Windows 10 is less secure than win7+EMET".
2 replies 0 retweets 0 likes -
Replying to @aionescu @Mauro_Croci
If you have tips for how to prevent mainstream media from misinterpreting what they read, we'd all love to hear!
2 replies 0 retweets 1 like
EMET has value in easily forcing apps to obey mitigations. Hell even Office 2016 on Windows 10 doesn't fully use ALSR
-
-
Replying to @wdormann @Mauro_Croci
EMET has value in providing a nice GUI around it. The functionality is built into the OS.
0 replies 0 retweets 2 likesThanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.