Whatever.
Professionals don't play with toys at work.
HP has been laying out the ground rules for the latest Pwn2Own contest and is offering a new prize of $150,000 to the cunning cracker who can get root access to a Windows 8.1 PC running Redmond's Enhanced Mitigation Experience Toolkit (EMET). "Last year we launched a plug-in track to the competition, in addition to our …
No it does work and works very well. Unfortunately a lot of companies and domestics are using old software and old code that isnt approved for use with modern memory security standards and other standard techniques that EMET employs. Most of what EMET enforces should have been standard coding practice for the past 10 years or so.
If MS installed it as standard set to maximum there would be mass carnage and complaints as corporations found that Office 2003 and other such vintage software or even their own badly written in-house application would no longer work. Sure you can tweak EMET to allow them to work but it would be too much for Joe Average.
I wish they would install it as standard but the IT press would slaughter them. Damned if you do....
I've been using it on a lot of my machines for about a year now.
"...there would be mass carnage and complaints as corporations found that Office 2003 and other such vintage software or even their own badly written in-house application would no longer work."
I live it every day. The sheer magnitude of kludge out there is breathtaking.
Damn pompurin! I was going to throw a shot at Oracle for being so cheap in their Java exploit award, but you totally out did me. And of course, as we all know, it's specifically Java that's the single most dangerous software we can run on our computers.
Hey Oracle: How about offering a $Million for whoever can permanently return Java to actual sandboxing forever. But you don't care, do you.
The amazing thing about Java is that 90% of the machines it's installed on and compromising don't actually need it installed in the first place.
If someone wrote a 'virus' that just simply uninstalled Java without the user noticing, it would be the biggest step forward in computer security to date.
HP must be joking. Who in their right mind would reveal an exploit that bypasses EMET and Win8 for a lousy 150k? Should pull $500k from the NSA or GCHQ via the grey market. Possibly much more. Perfectly legal cash and enough to, after taxes, buy a decent house, provide an adequate retirement or a purchase new Ferrari to crash shortly thereafter.