Emet 5.5 su w10

  • Autore discussione Il cecchino Jackson
  • Data d'inizio
I

Il cecchino Jackson

Ospite
Ciao a tutti.
ho un problema con Emet 5.5. Spero qualcuno qui lo abbia mai usato.
non so come aggiungere le app del w store ( i programmi è facile ).
googolando ho trovato Che le Universal Windows App non hanno un eseguibile (.exe). E allora cos aggiungo x farle controllare da Emet?
googolando, anche se nelle guide di altri programmi anti exploit , ho trovato che si potrebbe aggiungere WWAhost.exe. Ma non vorrei far casini, non vorrei che fosse un file "base" del so è che non partisse proprio Windows poi.
qualcuno sa qualcosa su quel wwahost.exe o meglio ancora come aggiungere le app?

grazie in anticipo
 
I

Il cecchino Jackson

Ospite
dunque su un altro forum un utente mi ha fatto notare questo (da technet inglese) :

With Windows 10 we have implemented many features and mitigations that can make EMET unnecessary on devices running Windows 10. EMET is most useful to help protect down-level systems, legacy applications, and to provide Control Flow Guard (CFG) protection for 3[SUP]rd[/SUP] party software that may not yet be recompiled using CFG. Some of the Windows 10 features that provide equivalent (or better) mitigations than EMET are:
Device Guard: Device Guard is a combination of enterprise-related hardware and software security features that, when configured together, will lock a device down so that it can only run trusted applications. Device Guard provides hardware-based zero day protection for all software running in kernel mode, thus protecting the device and Device Guard itself from tampering, and app control policies that prevent untrusted software from running on the device.
Control Flow Guard (CFG): As developers compile new apps, CFG analyzes and discovers every location that any indirect-call instruction can reach. It builds that knowledge into the binaries (in extra data structures – the ones mentioned in a dumpbin/loadconfig display). It also injects a check, before every indirect-call in your code, that ensures the target is one of those expected, safe locations. If that check fails at runtime, the operating system closes the program.
AppLocker: AppLocker is an application control feature introduced in Windows 7 that helps prevent the execution of unwanted and unknown applications within an organization's network while providing security, operational, and compliance benefits. AppLocker can be used in isolation or in combination with Device Guard to control which apps from trusted publishers are allowed to run.

e questo (da Windows Store Apps live in the Sandbox - SogetiLabs )
All Windows Store apps are tightly sandboxed. This means Windows Store apps run in their own virtual space (the sandbox) and whatever happens to it does not affect any other app running or the OS itself. It should be practically impossible for a Windows Store App to crash the entire computer, it may still crash itself but it won’t be able to hurt anything else. Being in the Sandbox also means the app has no direct access to any other app or service running outside of the app’s sandbox. Access to other apps or services is facilitated by Windows itself with a defined set of APIs with in the runtime environment. While this does place limits on what a Windows Store app can do the tradeoff is worth it because it should never be possible for a Windows Store app to be a Virus, Trojan or Rootkit
.

dunque penso si possa stare un po' più tranquilli. ma non sono esperto,ognuno dice che i propri prodotti sono sicuri. quindi se qualcuno vuole dare il suo parere meramente su questi due quotes.

- - - Updated - - -

io comunque lo lascio
 

Ci sono discussioni simili a riguardo, dai un'occhiata!

Entra

oppure Accedi utilizzando

Discussioni Simili