Just recently, Microsoft unveiled a vulnerability mitigating freeware tool that's precision engineered to toughen up applications against hacker assaults that take advantage of common program weaknesses and vulnerabilities. The Enhanced Mitigation Evaluation Toolkit (EMET for short) enables programmers and administrators to incorporate precise security measures and controls to susceptible programs, particularly web software that are always connected to the Internet.

The difference between EMET and other mitigating software like it comes from the fact that the freeware doesn't need to recompile programs in order to work, so it can be utilized to fortify the defense capabilities of most applications even if it lacks source code information. What's more, EMET can also apply mitigations to a program process, which is a beneficial granularity for processes that are incompatible to a given control.

The mitigation method addresses the pervasiveness of bugs and works to minimize their destructive effects instead of trying to futilely weed them out one by one. In a sense, EMET is a lot like cutting the Gordian knot; instead of exerting wasted effort on something that will inevitably occur anyway, users should try a more straightforward approach. At any rate, Microsoft is currently shipping the free tool out with four mitigation features, which includes the following: 

• SEHOP: A service that helps prevent a myriad of structured exception handling exploits to wreak havoc upon your system.

• DEP: Otherwise known as Data Execution Prevention, this feature is capable of hampering or altogether stopping the execution of certain parts of process memory.

• NULL: This practical page allocation technique has been developed to impede NULL deference exploits in user mode. 

• Heap Spray Allocation: A beneficial attribute that pre-allocates specific memory addresses to make it very difficult for cyber attackers to forecast the position of their malicious payloads.

Over the past half-decade or so, programmers have been increasingly dedicating their concentration on adding security measures that will make vulnerability exploitation by hackers a lot more difficult to execute. This is a very logical approach to the current state of affairs because today's complex and sophisticated software make buffer overflows and other common program weaknesses nigh-unavoidable.