18.10.24.1 (L1) Ensure 'EMET 5.52' or higher is installed

Information

The Enhanced Mitigation Experience Toolkit (EMET) is free and supported security software developed by Microsoft that allows an enterprise to apply exploit mitigations to applications that run on Windows. Many of these mitigations were later coded directly into Windows 10 and Server 2016.

More information on EMET, including download and User Guide, can be obtained here:

Enhanced Mitigation Experience Toolkit - EMET - TechNet Security

Note: Although EMET is quite effective at enhancing exploit protection on Windows server OSes prior to Server 2016, it is highly recommended that compatibility testing is done on typical server configurations (including all CIS-recommended EMET settings) before widespread deployment to your environment.

Note #2: Microsoft has announced that EMET will be End-Of-Life (EOL) on July 31, 2018. This does not mean the software will stop working, only that Microsoft will not update it any further past that date, nor troubleshoot new problems with it. They are instead recommending that servers be upgraded to Server 2016.

Note #3: EMET has been reported to be very problematic on 32-bit OSes - we only recommend using it with 64-bit OSes.

EMET mitigations help reduce the reliability of exploits that target vulnerable software running on Windows.

Solution

Install EMET 5.52 or higher.

See Also

https://workbench.cisecurity.org/benchmarks/15290

Item Details

Category: SYSTEM AND INFORMATION INTEGRITY

References: 800-53|SI-16, CSCv7|8.3

Plugin: Windows

Control ID: 7364a80d94a82b547b8791476a583eb72bb1e18c6c6bf467e5acecb19ea6c190