Microsoft EMET 3.x >= 3.5 / 4.x < 4.0.4913.26122 ASLR Security Bypass
Medium Nessus Plugin ID 71176
SynopsisA tool for mitigating security vulnerabilities is potentially affected by a security bypass vulnerability.
DescriptionMicrosoft's Enhanced Mitigation Experience Toolkit (EMET) is installed on the remote system and is 3.x newer than or equal to 3.5 or 4.x prior to 4.0.4913.26122. It is, therefore, potentially affected by a security bypass vulnerability.
The application stores function addresses in a predictable way that could aid an attacker in bypassing Address Space Layout Randomization (ASLR) protections.
SolutionUpgrade to EMET 4.0.4913.26122 or later. A possible temporary mitigation step is to disable EMET.