EMET also includes the Certificate Trust feature. This feature detects Man in the Middle attacks that take advantage of maliciously issued certificates. The Certificate Trust feature lets users configure a set of pinning rules to validate digitally signed certificates (SSL certificates) while browsing. These rules are designed to bind the SSL certificates of specific domains with one or more trusted Root Certificate Authorities (Root CAs) that issued the certificate. When EMET detects the variation of an issuing Root CA for a specific SSL certificate that's configured for a specific domain, it reports this anomaly as a potential symptom of an ongoing Man in the Middle attack.
For more information about EMET, click the following article number to view the article in the Microsoft Knowledge Base:
This page contains the most up-to-date set of rules for EMET’s Certificate Trust feature for the services that are listed earlier. The rules are delivered as an easy-to-install easy fix package that automatically updates Certificate Trust rules.
The easy fix package will update EMET’s Certificate Trust default configuration rules for versions 4.0 and 4.1. EMET must be installed in the default directory (%ProgramFiles(x86)%\EMET 4.0 or %ProgramFiles(x86)%\EMET 4.1). Only the default rules will be updated. Custom rules will be kept "as is."
Here's an easy fixTo download the easy fix solution to update EMET’s Certificate Trust default rules, click the Download button. In the File Download dialog box, click Run or Open, and then follow the steps in the easy fix wizard.
- This wizard may be in English only. However, the automatic fix also works for other language versions of Windows.
- If you’re not on the computer that has the problem, save the easy fix solution to a flash drive or a CD, and then run it on the computer that has the problem.
Article ID: 2961016 - Last Review: Oct 16, 2015 - Revision: 1