techvigil-logo

Jump to : What is EMET | Download & Activate EMET | Impact of Workaround

As reported by Microsoft, All IE versions starting from 6 to 9 are exposed to a vulnerability in the CMshtmlEd::Exec function in mshtml.dll in which allows remote attackers to execute arbitrary code via a crafted web site. IE10 is not affected from this flaw.

Microsoft is investigating the matter and may provide a solution through their monthly security update release process, or an out-of-cycle security update, depending on needs. As a temporary protection from this bug, Microsoft has released Security Advisory 2757760, which illustrate a work around to stay safe from the threat by deploying the Enhanced Mitigation Experience Toolkit (EMET).

What is EMET

In short EMET is a toolkit that helps prevent vulnerabilities in software from being successfully exploited. Here, with the help of this utility and some settings, we will turn the automatic execution of Active Scripting to manual permission. This does not guarantee that vulnerabilities cannot be exploited, but works as special protections and obstacles for a hacker..

How to Activate EMET for IE

First check if you have already installed this tool or not. For this go to Program Files folder and see if there exist EMET folder. If not, you can download this toolkit from go.microsoft.com/fwlink/?LinkID=200220&clcid=0x409 [Recent v3.0, Size: 6 MB]

After installation do these steps.

  1. Go to StartAll ProgramsEnhanced Mitigation Experience ToolkitEMET 3.0.
  2. If asked, click Yes on the UAC prompt.
  3. Click on Configure Apps, then select Add.

    emet-configure-apps

  4. Browse to the application to be configured in EMET. In this case we are doing this for IE.
  5. Select the address as per your OS. For 64-bit Windows, add these paths one by one for 32-bit and x64 installations of Internet Explorer.
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe

    For 32-bit, the path to is

    C:\Program Files\Internet Explorer\iexplore.exe
  6. Now click OK and exit EMET.

We also need to configure the browser to prompt before running Active Scripting on any site. For this, follow these steps:

  1. Open Internet Explorer and go to ToolsInternet OptionsSecurity.
  2. Click Internet icon, and then click Custom Level.
  3. Under Settings, in the Scripting section, under Active Scripting, click Prompt , and then click OK.

    active-scripting-prompt

  4. Now click on Local intranet icon, and then click Custom Level.
  5. Again under Settings, in the Scripting section, under Active Scripting, click Prompt , and then click OK.
  6. Click OK to exit the window.

Impact

After doing all these, the browser will always ask you before running any Active Scripting on any site. As a result, situation may come when the browser will issue lots of security prompts even for the site you trust. To avoid this you can add such sites in Trusted Zone by doing these steps:

  1. Go to ToolsInternet OptionsSecurity tab.
  2. Click Trusted Sites, and then click Sites button.
  3. Uncheck the Require server verification (https:) for all sites in this zone option because probably all the site we trust may not have ssl certification.
  4. In the Add this website to the zone box, type the URL of a site that you trust, and then click Add.
  5. Repeat these steps for each site that you want to add to the zone.

Now no more prompt for the sites you visit regularly.