Update For EMET 3.5 AllROP.XML

I’ve updated the AllROP.XML file to include Java 7. I’ve also disabled Anti-ROP techniques for Explorer.exe – you can reenable at your own risk but I think some programs that add context menus can break explorer when incompatible. Also disabled EAF for explorer.exe.

For more information on Emet 3.5 Tech Preview read here.

You can download the new AllROP.XML:

http://www.mediafire.com/view/?88w7vas5zvyvf0l

Setting Up EMET 3.5 Tech Preview

Update: EMET 4.0 Beta Is Available

 

I’d like to start off by saying that this new version of EMET is a Tech Preview – it’s not necessarily ready for release, I can’t guarantee stability.

Step 1: Download EMET 3.5 Tech Preview

To install the Tech Preview you must first remove any previous EMET installations. After you do that you can grab the Tech Preview (3.5) here: https://www.microsoft.com/en-us/download/details.aspx?id=30424

Run the installer and open up EMET.

Step 2: Configuring System Settings

You should see something similar (but not exactly the same) to this picture.

Image

Go ahead and hit “System Settings” and you should see something similar to this:

Image

My recommended settings:

DEP: Opt Out

SEHOP: Opt Out (Vista users can choose Always On)

ASLR: Opt On

For a significantly more secure (but potentially less stable) system you can use these settings:

DEP: Always On

SEHOP: Opt Out (Or Always On for Vista Users)

ASLR: Always On

To learn how to enable ASLR Always On click here.

Step 5: Import all.XML

Click the “Configure Apps” button (at the bottom of the EMET User Interface) and you’ll see this page (but without all of these items in it):

Image

Go to File -> Import -> Navigate to all.XML (in your EMET folder) -> Open.

EMET should import all of the settings for the typical ALL.XML but there won’t be any active ROP mitigation techniques, so make sure you enable them manually.

Restart your system for the full effect.