Cracked Microsoft's EMET! FireEye security researchers Abdulellah Alsaheel and Raghav Pande managed to use it security software of Windows EMET to violate the security of… EMET!
So they succeeded instead of defending the Windows, το ενισχυμένο εργαλείο μετριασμού της Microsoft, επιτίθεται στο functional system.
Οι ερευνητές με επιθέσεις σε παλαιότερες εκδόσεις των Windows που χρησιμοποιούσαν το EMET κατάφεραν να ανακαλύψουν κενά ασφαλείας που μπορούν να παρακάμψουν και τις σύγχρονες άμυνες όπως τις διευθύνσεις χώρου τυχαίας choiceand data execution prevention.
Note that Windows 10 uses much of EMET for its security, with some news characteristics which were added in the latest version 5.5.
"The code systematically disables EMET protections and returns a program to a completely unprotected state," say the researchers.
"One just has to locate and call this feature to turn off EMET completely."
Previous attempts to bypass the EMET security application focused on the use of missing or inadequate features.
Instead, the Abdulellah Alsaheel and Raghav Pande hacks turn EMET protection features into an attack tool.
"This new technique uses EMET to get rid of EMET protections," they say. "It is a reliable and significantly easier EMET bypass technique than any other published in the past."
More details on the FireEye blog
https://www.fireeye.com/blog/threat-research/2016/02/using_emet_to_disabl.html