Enhanced Mitigation Experience Toolkit (EMET)
The Microsoft Security Response Center announced a new version of the Enhanced Mitigation Experience Toolkit (EMET). It's one of the free Microsoft security downloads to consider using, even for home users. EMET will help protect your computer from threats caused by 0-day vulnerabilities.
You can use EMET to block 0 day exploits in many applications including Outlook Express, Windows Mail, Adobe Reader, Java Plugin, Internet Explorer, Firefox, Opera and many more. Many security conscious users are using an extra layer of protection or an advanced anti-virus and firewall protection that will block or prevent infections that are triggered only on vulnerable systems or applications. Affected vendors need time before they can release a fix, but if the exploit code is publicly available malware creators often quickly take advantage of it.
EMET is also one of the free Microsoft security downloads and you can grab a copy from the Microsoft Download Center website. You may install it on Windows XP with Service Pack 3, Windows Vista with SP1 or SP2 and Windows 7. Server operating systems are also supported.
To use EMET, simply add the executable of the program you wish to be protected:
If you use the application, you will see it protected by EMET:
You don't have to continue running EMET, because once installed it will continue to protect the programs that you've added to EMET's protection list. Take a look at the example screenshot below, in which Process Explorer shows the program is running EMET protection to make it more difficult for an attacker to exploit vulnerabilities in an application they want to target: Adobe Product Security Response team also recommends EMET to help protect against 0-day exploits that target Adobe Reader that are currently not fixed. Naturally, I also suggest changing the settings of Adobe Reader to help protect against attackers in general.
Image credit: Screenshot taken by the author.