0
We recently tried deploying EMET to quite a few workstations and have ran into a lot of problems. There has been a lot of issues if users trying to open Word, Excel, Powerpoint, or Internet Explorer and it instantly crash without an EMET message. When you look at the crash log, you see the "Faulting module path: C:\Windows\AppPatch\AppPatch64\EMET64.dll" for IE 10 and 11. When I completely disable all mitigation techniques for IE, it sometimes works and other times crashes with "Faulting module path: C:\Windows\SYSTEM32\ntdll.dll".
I can't seem to pinpoint why some systems it's working, some it doesn't, and why the applications that crash are not the EMET pop up most of the time. I'm trying to disable various mitigation techniques but they seem to be hit or miss. The example above and one other Lync issue I ran into, the program didn't work until I disabled DEP and rebooted. Just opting in and turning it off didn't work.
Any recommendations or ideas of what I can do to try to get a uniform config across the clients?
Thanks!
I've not seen any problems. Is this the latest version? I think it was updated not long ago. Also, how did you deploy? – Julian Knight – 2015-05-11T21:06:08.677
Our main deploy is on 5.1, and we are trying 5.2 on any machines that have issues. So far, 5.2 fixed about 50% of the issues but others still exist. We used SCCM to push it out. – Eric – 2015-05-12T13:24:42.937