Microsoft EMET blocks 'VBScript God Mode'
Microsoft has updated its exploit blocker Enhanced Mitigation Experience Toolkit (EMET) to version 5.2 with some welcome tweaks and enhancements.
The Attack Surface Reduction mitigation has been extended to stop processes running malicious scripts via IE’s script engine. That’s good news as it’s a particularly powerful hack, and the basic "VBScript God Mode" idea has been around for quite some time.
The latest EMET also employs a brand new protection technique called Control Flow Guard (CFG), which detects and blocks attempts to hijack its code.
CFG is only useful when running on a "CFG-Aware" version of Windows -- which, right now, means Windows 8.1 or Windows 10 Technical Preview -- but the program will still run correctly on Windows 7 or later.
Enhanced Mitigation Experience Toolkit 5.2 is available for download now.