/ Microsoft

EMET to the Rescue of MSXML 4.0

Hello MSXML 4, it's been a long time, nice to see you again. Looks like I'll have the last laugh [insert evil laugh here]

As you can tell, my blog has become a bit of a one-trick pony. I've focused most of my writing time talking about MSXML 4.0 and it now being out of support. For a long time I've felt like I've been 'hoisted by my own petard' when I look at my Nessus and see results (alomst mocking me) saying:

Microsoft XML Parser (MSXML) and XML Core Services Unsupported.

Well today it looks like I have the last laugh as the default installation of EMET blocks msxml4*.dll from loading in Internet Explorer.

EMET is Microsoft's Enhanced Mitigation Experience Toolkit [1]. EMET provides Windows with a number of additional Mitigation Controls, and allows better control of existing Mitigation controls such as DEP and ASLR.

Alongside a number of other controls, installing EMET with the default configuration blocks msxml4*.dll from loading in Internet Explorer.

Screenshot of Iexplore.exe configuration in EMET 5.2

Now I am comfortable with lowering or accepting the risk rating within Nessus for Un-supported MSXML knowing that I am protected.

1 - https://www.microsoft.com/emet