Proactive Management – Fixing Problems Before They Happen


Guru John is our guest poster for this month’s Case & Point.  John played a crucial role in preventing potential disasters at our clients by being proactive.  Here is his story:

Driving in to work, listening to techie talk radio stuff, I heard about a new vulnerability being exploited in Internet Explorer. The gentlemen talking about it on the radio said, “The fix is too complicated so just start using a different browser.”

Challenge Accepted!

After researching the vulnerability online and actually going to the script kiddie website that was promoting it, I learned I could use a product from Microsoft as another level of protection against this vulnerability. Enter EMET (Enhanced Mitigation Experience Toolkit).

What is the Enhanced Mitigation Experience Toolkit?

The Enhanced Mitigation Experience Toolkit (EMET) is a utility that helps prevent vulnerabilities in software from being successfully exploited. EMET achieves this by using security mitigation technologies. These technologies function as special protections and obstacles that an exploit author must defeat to exploit software vulnerabilities. After testing this on my own machine and then on our Guru Machines in the office, I developed a function to push this to all our machines utilizing our Guru Monitoring Agent. Once I was confident that EMET would not interfere with day-to-day operations, I unobtrusively installed and configured this product on every machine we support.

Here are some of the Frequently Asked Questions about this vulnerability and the fix we installed:

Q: Does this affect users who have Mozilla or Chrome?

A: If your primary Internet browser is not Internet Explorer, this utility didn’t directly correct anything for you. However, as new vulnerabilities are discovered and exploited, having this on your machine gives the Gurus the ability to fight unwanted intrusion and correct exploits long before Microsoft develops a security patch for these issues.

Q: Is there anything I (as the user) need to do to make this work?

A: Users will not be required to perform any special actions. EMET is configured by the Guru Monitoring Agent and will be adjusted silently from time to time to help keep your machine from being exploited.

Q: Is this going to stop all intrusions?

A: While there will never be a way to fully protect a machine 100% from all possible vulnerabilities, by installing EMET on all workstations we have effectively made exploitation “Virtually impossible.” Straight from Microsoft: “These security mitigation technologies do not guarantee that vulnerabilities cannot be exploited. However, they work to make exploitation as difficult to perform as possible. In many instances, a fully functional exploit that can bypass EMET may never be developed.”

