View Single Post
Old 26. Jan 2012, 02:37 AM   #10 (permalink)
Remah
Senior Member
 
Join Date: Jul 2010
Location: New Zealand
Posts: 1,741
Default

Quote:
Originally Posted by jclarkw View Post
Here's another free-software security question: Looking further into the site mentioned in this quote, I see also the recommendation to "Install Microsoft's mitigation toolkit, called EMET." (I think I understand what 'DEP' means, but so far I have no idea about 'SEHOP' or 'ASLR.' I suppose that these are things that a comprehensive secuirty suite might take care of for me...) Do either of you think using EMET is worth the additional bother?

Thanks again for putting up with all my newbie questions! -- jclarkw
I'd be surprised if it was worth it except for some specific older applications that are not kept up-to-date. The main problem is that if the malware has got to where it can engage with these technologies then you've got a bigger problem anyway.

DEP must be CPU-based to fully enable it so won't be much help systems with older CPUs. GRC Securable utility will tell you if your CPUs are DEP enabled.

ASLR is in Vista and 7.

Forget the rest.

This article might help:
http://www.infoworld.com/t/microsoft...ck-emet-21-831
__________________
Better to light a candle ... than to curse the darkness.
Remah is offline   Reply With Quote