CERT warning: Windows 10 is less secure than Windows 7 with EMET
In direct contrast to Microsoft's assertion that Windows 10 is its most secure operating system ever, the US-CERT Coordination Center says that Windows 7 with EMET offers greater protection. With EMET due to be killed off, security experts are concerned.
A vulnerability analyst from CERT, Will Dormann, advises Microsoft to continue the development of EMET. Microsoft says 'many' of EMET's features have been integrated into Windows 10, but the concern is that key components are missing, and others have been implemented in such a way that reduces their security.
CERT concerns will be particularly worrying to business and enterprise users, as Dormann reveals just which of EMET's features are missing from Windows 10. Of particular concern is the fact that so many application-level defense options are absent. He has produced a table that shows how Windows 7 compares to Windows 10 in terms of security, with and without EMET:
He also points out another serious issue:
The problem is that the application needs to be specifically compiled to take advantage of CFG (Control Flow Guard). Out of all of the applications you run in your enterprise, do you know which ones are built with CFG support? If an application is not built to use CFG, it doesn't matter if your underlying operating system supports CFG or not.
Even though EMET reaches end-of-life on July 31, 2018, Dormann advises companies to continue using it beyond this date regardless.