The Enhanced Mitigation Experience Toolkit (EMET) Default Protections for Recommended Software must be enabled.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-36703	WINCC-000080	SV-50041r2_rule	ECVP-1	unknown

Description
Attackers are constantly looking for vulnerabilities in systems and applications. The Enhanced Mitigation Experience Toolkit can enable several mechanisms, such as Data Execution Prevention (DEP), Address Space Layout Randomization (ASLR) and Structured Exception Handler Overwrite Protection (SEHOP) on the system and applications adding additional levels of protection.

STIG	Date
Windows 2008 Domain Controller Security Technical Implementation Guide	2014-04-07

Details

Check Text ( None )
None

Fix Text (F-43167r2_fix)
EMET 3.0 Configure the policy value for Computer Configuration -> Administrative Templates -> Windows Components -> EMET -> "Default Protections for Microsoft Works, Microsoft Office, Adobe Acrobat and Adobe Acrobat Reader products" to "Enabled". EMET 4.0 Configure the policy value for Computer Configuration -> Administrative Templates -> Windows Components -> EMET -> "Default Protections for Recommended Software" to "Enabled". The Enhanced Mitigation Experience Toolkit must be installed on the system and the administrative template files added to make this setting available.

Fix Text (F-43167r2_fix)

EMET 3.0
Configure the policy value for Computer Configuration -> Administrative Templates -> Windows Components -> EMET -> "Default Protections for Microsoft Works, Microsoft Office, Adobe Acrobat and Adobe Acrobat Reader products" to "Enabled".

EMET 4.0
Configure the policy value for Computer Configuration -> Administrative Templates -> Windows Components -> EMET -> "Default Protections for Recommended Software" to "Enabled".

The Enhanced Mitigation Experience Toolkit must be installed on the system and the administrative template files added to make this setting available.