My client has a HP notebook with W8 and he’s not interesting in W8.1 happy with Classic Shell (thanks Bob) using windows firewall along side with Avast Free late version side by side with MBAM Pro & MCShield, and wanted to know it’s worth it to install the latest Enhanced Mitigation Experience Toolkit (EMET) 4.1 on his notebook. I’m trying to get some information and feedback whether it’s worth it to have it as part of his security set-up on his notebook, or it’s enough what he’s got now without over doing it installing the Enhanced Mitigation Experience Toolkit (EMET) 4.1.
Is your client experienced enough to know how to use EMET and make manual settings for everything he needs monitoring ? WinPatrol would be the better choice imo, if there using a hips based Firewall then that would cover them but hips also need some knowledge which is why I suggested WinPatrol.
I’ve been thinking about this as well too Craig on WinPatrol and I’ve also told him about getting a lifetime license of Outpost Pro that has HIPS or Private FW which is free, however he does have enough experience on computers cause he not 100% sure about EMET so that’s why I’m asking.
Yes, I used to run emet on my XP for years and recall there (could be) was a lot of room for messing around with settings/mitigations etc.
Now your topic Speedy has me curious again about this little tool. See how it runs on W8.1 these days. ;D
I would add EMET, set it to recommended settings via the wizard and import the popular software list that is already included with EMET. That should already cover the most used and exploited software by default(browsers,Java,Flash,Office apps etc.).
Though I can’t say it has ever saved me from any malware, I do use EMET v. 4.1 (along with AVAST!), but needed to modify a few EMET settings for some applications.
Specifically, EAF and Heap Spray are unchecked for Classic Start Menu (in Classic Shell) and Firefox. One issue noted was that the File Save dialog (which invokes Classic Start Menu) would hang in Firefox until EAF check was turned off.
AVAST! alone would probably be sufficient protection, but EMET does not seem to slow things and might be providing a bit more security.
Anyway my client decided not to have EMET on his note notebook, because he does have enough security feature without getting over killed by adding more and it took me while for me to explain things carefully to him step by step.
;D