Overview Chat Bike Members News Women
Viewing 11 posts - 1 through 11 (of 11 total)
  • Microsoft EMET and Chrome
  • cranberry
    Free Member

    Does anyone have experience of MS EMET and specifically its use with Chrome ?

    We’ve had it installed at work and now can’t use Chrome – we support clients using various browsers and do actually need Chrome to do our jobs but are getting told “Computer ( department ) says no.” from the fine chaps in Security.

    Chrome opens, but all you see is an “aww snap” message in each tab. I can’t imagine that even MS would put out an application that doesn’t work with the world’s most used browser, but IT are adamant that they can’t be made to work together.

    Posted 6 years ago
    mickyfinn
    Free Member

    They need to update the EMET policy to disable EAF and ROP for the Chrome Executable. EMET is powerful and needs handling with care. If they’ve just blasted it out with the default policy settings and no testing stuff will be crashing all over the place 😉

    Posted 6 years ago
    cranberry
    Free Member

    Thanks Micky – I shall ask them if they have done that next time they come back to me.

    Posted 6 years ago
    nixie
    Full Member

    Sounds like they need reminding that IT is there to support the needs of the business not to run around like a mini Hitler.

    Posted 6 years ago
    Cougar
    Full Member

    They need to update the EMET policy to disable EAF and ROP

    I’ve worked in technology for 25 years, I’m an acronym nerd and I don’t understand any of this. Can you expand please?

    Posted 6 years ago
    FuzzyWuzzy
    Full Member

    As has been said, just need to to adjust the EMET policy to exclude Chrome. Also bear in mind EMET is not going to be developed further by Microsoft so bit strange they’re only just pushing it out now.
    That being said it’s not unusual for a company to only support one browser officially (mine only supports IE and the various company Intranet apps are only tested using IE, I prefer Chrome though and it actually works better on most of the apps but I know it’s pointless logging a support issue for it).

    Posted 6 years ago
    cranberry
    Free Member

    It would be rather like my place to deploy no longer supported security software that didn’t work properly.

    They managed to turn agile development into a bureaucratic mess and IT rather frowns upon users upsetting them by using their network.

    Posted 6 years ago
    mickyfinn
    Free Member

    EAF = Export Address Table Filtering
    Stops an Exploit scanning memory to find where a system function is loaded if the exploit can’t find/access the function it can’t call it.

    ROP = Return Oriented Programing
    Complicated stuff Read this is you want to lose half an hour of your life.
    https://www.endgame.com/blog/rop-dying-and-your-exploit-mitigations-are-life-support

    Posted 6 years ago
    mickyfinn
    Free Member

    PS its still supported until July 2018 and is a valid and useful product if you’re running 7 or 8.

    Posted 6 years ago
    cranberry
    Free Member

    Thanks again Micky

    Posted 6 years ago
    Cougar
    Full Member

    Cheers.

    Posted 6 years ago
Viewing 11 posts - 1 through 11 (of 11 total)

The topic ‘Microsoft EMET and Chrome’ is closed to new replies.

Overview Chat Bike Members News Women