Jump to content

Updated to NOD32 10 now issue with EMET and MSIE


nod4ever
 Share

Recommended Posts

Hello,

Since I installed Nod32 V10 (yesterday) EMET 5.51 blocks MSIE from loading with a EAF miltigation.

I've seen these kind of interference when MBAM v3 was released with their "exploit protection"

Did v10 introduced exploit mitigation as well?

I'm running Win8.1 with latest patches.

Link to comment
Share on other sites

9 hours ago, nod4ever said:

Did v10 introduced exploit mitigation as well?

Yes and it was there as well in ver. 9. However, their was no conflict between EMET and ver. 9 as I recollect.

You will also have issues with ver. 10 online payment protection if you use EMET, the "deep hooks" feature conflicts with it and has to be disabled.

I have since uninstalled EMET since Eset's exploit protection is excellent.

Link to comment
Share on other sites

6 hours ago, itman said:

Yes and it was there as well in ver. 9. However, their was no conflict between EMET and ver. 9 as I recollect.

You will also have issues with ver. 10 online payment protection if you use EMET, the "deep hooks" feature conflicts with it and has to be disabled.

I have since uninstalled EMET since Eset's exploit protection is excellent.

hmmm Where can I read about ESET Exploit Protection in comparison with EMET?

Link to comment
Share on other sites

How do I turn off anti-exploit in NOD32? Either ESET used a rather cryptic terminology to refer to it or I just didn't find it.

 

 

Link to comment
Share on other sites

Ok I'm bored, I turned everything off and still having issues with EMET, I don't trust new stuff by default.

So reverted back to NOD32 V9, problem solved

Link to comment
Share on other sites

10 hours ago, nod4ever said:

hmmm Where can I read about ESET Exploit Protection in comparison with EMET?

I have done my own testing using SurfRight's(Sophos) exploit test tool utility. This tool was developed to test HitmanPro Alert but works equally well with other security solutions. Using Win 7 x64 and IE11, Eset's exploit protection passed every test. Such was not the case for EMET 5.5 with a number of detection failures; notably for heap spray  memory injection. Note that these are synthetic tests and do not employ actual malware.

As far as AV lab tests specifically for exploits, appears those have been abandoned. I haven't seen any since 2015. Some labs do post separate exploit sample test results in their mainstream comparative tests, but those also are hard to find these days. Here is one A-V Comparatives did for the Eset Endpoint product: https://www.av-comparatives.org/wp-content/uploads/2016/11/avc_mrg_biz_2016_10_business_en.pdf . The core engine used by both Eset's Endpoint and consumer versions are the same. However, Eset added a number of additional protections to the latest consumer versions such as built-in ransomware protection and the like.

BTW - your most effective protection against exploits is to keep all OS, application, and security software fully patched by applying the latest updates as soon as they are offered. Proof of same is this recent Shadow Brokers NSA public exploit "dump" on GitHub.

Edited by itman
Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...