 You don't need to be an 'investor' to invest in Singletrack: 6 days left: 95% of target - Find out more
Does anyone have experience of MS EMET and specifically its use with Chrome ?
We've had it installed at work and now can't use Chrome - we support clients using various browsers and do actually need Chrome to do our jobs but are getting told "Computer ( department ) says no." from the fine chaps in Security.
Chrome opens, but all you see is an "aww snap" message in each tab. I can't imagine that even MS would put out an application that doesn't work with the world's most used browser, but IT are adamant that they can't be made to work together.
They need to update the EMET policy to disable EAF and ROP for the Chrome Executable. EMET is powerful and needs handling with care. If they've just blasted it out with the default policy settings and no testing stuff will be crashing all over the place 😉
Thanks Micky - I shall ask them if they have done that next time they come back to me.
Sounds like they need reminding that IT is there to support the needs of the business not to run around like a mini Hitler.
They need to update the EMET policy to disable EAF and ROP
I've worked in technology for 25 years, I'm an acronym nerd and I don't understand any of this. Can you expand please?
As has been said, just need to to adjust the EMET policy to exclude Chrome. Also bear in mind EMET is not going to be developed further by Microsoft so bit strange they're only just pushing it out now.
That being said it's not unusual for a company to only support one browser officially (mine only supports IE and the various company Intranet apps are only tested using IE, I prefer Chrome though and it actually works better on most of the apps but I know it's pointless logging a support issue for it).
It would be rather like my place to deploy no longer supported security software that didn't work properly.
They managed to turn agile development into a bureaucratic mess and IT rather frowns upon users upsetting them by using their network.
EAF = Export Address Table Filtering
Stops an Exploit scanning memory to find where a system function is loaded if the exploit can't find/access the function it can't call it.
ROP = Return Oriented Programing
Complicated stuff Read this is you want to lose half an hour of your life.
https://www.endgame.com/blog/rop-dying-and-your-exploit-mitigations-are-life-support
PS its still supported until July 2018 and is a valid and useful product if you're running 7 or 8.
Thanks again Micky
Cheers.