Increasing Security on Public Access Computers with EMET

I’ve previously posted various steps you can take to keep your Public Access Computers safe and secure. Today I’m writing about another free and simple way you can greatly increase the security of any Windows machine: installing Microsoft’s Enhanced Mitigation Experience Toolkit.

Enhanced Mitigation Experience Toolkit is kind of a mouthful, so most people just call it EMET (like the otter). What “enhanced mitigation experience” means isn’t obvious. In essence, EMET acts to prevent rogue code from behaving badly on your computer. This is different from anti-malware software, in that it’s not identifying, quarantining, or removing the code; it’s simply preventing it from engaging in nefarious activities. It’s important to have EMET because, while antivirus programs work by checking files against definition lists of known bad actors, EMET is effective against as-yet unidentified threats and things that have otherwise made it past your front-line defenses.

So, how do you get EMET and set it up? Simply follow these steps on any computer you wish to install it on (you’ll need administrative rights to proceed, so make sure you’re signed in under an account that has them):

  1. Download EMET from this page. As of this writing, the current version of EMET is 4.0.
  2. Double-click on the installer file you just downloaded (EMET Setup.msi) to begin the installation. Note that EMET requires Microsoft’s .NET framework, so you will be prompted to download and install that if you haven’t previously done so (it’s also free, but will require you to restart your computer after installation).
  3. When you see the prompt depicted above, make sure that you choose to Install EMET for Everyone who uses this computer.
  4. When you see this prompt, select Use Recommended Settings. This will configure EMET to work with popular (and often targeted) programs like IE, Office (Word, Excel, etc.), WordPad, Java, and Adobe Reader.
  5. That’s it! Really, you can stop now and rest easier at night, having greatly enhanced the security of the computer you just installed EMET on.
  6. Still reading? Then we’ll dig a bit deeper. Just remember that the rest of what I’ll walk you through is completely optional…
  7. If you wish to tweak EMET’s settings or configure EMET to protect the usage of additional programs (you only need to worry about Internet-engaging ones), you’ll have to open EMET’s interface. Do this by opening your Start menu (click on the Windows Orb), and type EMET into the search box. Click on EMET GUI (it should top your result list).
  8. This is what EMET looks like. Arguably not the cleanest interface, but really not that bad. You should intuit that Green is great, Yellow is palatable, and Red is soil-yourself horrifying (from a malware mitigation standpoint).
  9. In the lower two-fifths of the EMET window, you should see a box labelled Running Processes. The easiest way to add EMET’s protection to a program is to find it on this list, right-click on it, and then click Configure Process. Note that there’s a forum on programs known to have issues with EMET (the most prominent offender being Chrome).
  10. You should now see a screen like the one above. All you need to do to add the program you previously selected to EMET’s protective shell is click OK. It looks daunting, but it’s super easy.
  11. If there’s a specific program that you want to grant EMET-grade security to that doesn’t show up on the Running Processes list, just open that program, then click the Refresh button. Voila! It just made the list.
  12. Finally, a word of caution: don’t go gonzo and EMET-ify everything willy-nilly. Only add those programs that interoperate with the Internet, and only do so gradually. You will have to restart your computer before any changes made in EMET take effect. Once you enshroud new programs in EMET’s goodness, restart and test each one out to ensure that it still functions properly. And remember, you can always simply stop at step 5.

