I have been using the Enhanced Mitigation Experience Toolkit from Microsoft for quite some time now (EMET).
It is a great way to keep yourself protected from the unknown – unknown and yet to be discovered flaws in Windows, and Windows applications.
What exactly is EMET?
Well it is a free tool that runs in the background, and does two major things:
It detects and prevents memory corruption vulnerabilities in software (Think buffer overflows):
It provides certificate pinning in Internet Explorer:
Lets look at that first one – memory corruption.
If you had EMET installed on your machine, and someone tried to exploit the recent vulnerability found in all versions of IE. EMET would have blocked it for you.
Think about that for a moment. A vast majority of serious security flaws are allowed via some type of memory corruption.
If you run EMET, you are protected from a good portion of them – before the good guys even know it is a problem.
How about that second feature, certificate pinning?
Big sites like Gmail, Facebook, Amazon – all are big targets. What happens when someone is able to forge a certificate for one of those sites? They could easily perform a “man-in-the-middle” attack against you.
And the whole time your browser would tell you that the certificate was fine.
Meanwhile the bad guys are seeing your traffic in the clear. Obtaining your username and password so they can do what they want.
If you were running EMET, it would give you a warning right away like this:
As you can see I gave it a bogus Certificate Authority for secure.intelliadmin.com (The one for Facebook).
These two simple things provide a serious amount of protection.
Best of all it is totally free!
Get a free copy of EMET 4 from the Microsoft: