Microsoft EMET 5.0 released

Microsoft may not be the most respected name in secure software products, but if you do Microsoft EMET 5.0not use EMET on all of your machines you miss the best free mitigation available for Windows operating systems. EMET is classified as a utility by Microsoft. The purpose of the utility is to make it harder for any attack of a known software vulnerability in any program. This gives you another security buffer for Adobe, Java, Office products or the custom program that you need to run your business.

These defenses are not available in any of the current Microsoft operating systems.  You must use the EMET utility to provide this extra layer of protection. The cost of adding EMET is always less than remediation of an infected system or the loss of sensitive information.

Attack Surface Reduction (ASR) and Export Address Table Filtering Plus (EATF+) are two new features added to EMET 5.0.  ASR can prevent modules or plug-ins in programs from automatically executing code.  This feature protects Microsoft Word, Excel and PowerPoint from loading the Adobe Flash player.  EATF+ can help detect and disrupt some current techniques used to execute code when a vulnerability is exploited.  EMET 5.0 can also terminate an Internet browsing SSL connection, https:, that has a untrusted certificate without sending session data to the source internet site. This keeps your identity safe from anyone that is using a suspicious certificate online.

Microsoft’s EMET should be tested with your software before you deploy this utility in a production environment.

Microsoft EMET 5.0
How many ways do you protect your software programs?

The EMET 5.5 utility is available at the Microsoft download center.

Your Android Phone Data

Android PhoneTwenty used Android phones contained over 40,000 recoverable pictures and user data.  Avast Software researchers purchased twenty used Android phones from eBay that were sold as wiped clean of user data.  Since the file format in the user data area on the Android OS only marks the areas as available for use the pictures, emails, text messages and contact names were still available on the phones.  A standard device reset does not clear you user data area on your Android based phone.  You need to write over the data to erase the contents of the pictures, text messages and emails.

Avast’s free Anti-Theft app can securely wipe data off of your phone and help you locate your phone if it is lost.  Your phone data can be erased remotely from a computer or another smart phone.  The premium version of this app can mark the device as stolen if the wrong password is entered three times.  The premium app will cost you $14.99 per year.

Secure Bulldozer is another app that can clear you phone of all of the user data.  This app is tested using a legal restoration tool and confirmed that the deleted information could not be restored. This software is a patented solution to erase all of the data in your smart phone or tablet.  Two versions of the Bulldozer app are available for your use.  The free app cannot clear documents from your smart device, but the paid app for $9.31 can erase everything from your phone.

When I checked for used Android phone I found 11,000 on eBay, 850 on Amazon and 120 on Craig’s List in Phoenix, AZ.  How many people knew how to correctly erase data on these phones?  On average there seems to be about 2,000 pictures on each used smart phone.