- Certificate Trust: SSL Certificate Pinning has been added to help detect Man in the Middle attacks that leverage the Public Key Infrastructure (PKI). With PKI-related attacks on the rise, we felt it was important our customers had the tools necessary to help guard against this type of threat. This release also comes with specific rules for Microsoft and other popular online services such as Twitter, Facebook, and Yahoo! and enables customers the possibility to create their own customized rules.
- Hardening of ROP mitigations: In the EMET 3.5 Technical Preview release, we introduced some new mitigations to help stop ROP-based attacks. With the release of EMET 4.0, we hardened these ROP mitigations and solved many of the major compatibility and performance issues.
- Early Warning: We added a feature called Early Warning that sends useful information to Microsoft every time an attack has been detected by EMET. This feature helps us better and more quickly respond to zero day exploits and PKI-related attacks. While EMET works to detect and help prevent exploits related to a new vulnerability or a malicious certificate, we can mobilize and respond before an issue becomes widespread, resulting in better protection for customers.
- Compatibility Fixes: This new version of the tool solves all known compatibility issues that were reported for EMET 3.0 and 3.5 Tech Preview.
- Internet Explorer 10/Win8 support: On March 12th, a Windows package (KB 2790907) was released to allow all supported versions of EMET to work with Internet Explorer 10 on Windows 8.
- Redesigned UI and Configuration Wizard: We decided to revamp the EMET Graphical User Interface in order to streamline the configuration operations and to offer accessibility features. We also added a Configuration Wizard that allows you to apply the recommended memory mitigations and SSL certificate pinning rules to your system.
-Tools: EMET - Enhanced Mitigation Experience Toolkit