Wilcox last week published his university dissertation, presented earlier this spring for an ethical hacking degree at the University of Northumbria in Newcastle, England. The work expands on existing bypasses for Microsoft’s Enhanced Mitigation Experience Toolkit (EMET), free software that includes a dozen mitigations against memory-based exploits. Microsoft has on more than one occasion recommended use of EMET as a temporary stopgap against publicly available zero-day exploits.
Wilcox’s published dissertation, however, is missing several pages that describe proof-of-concept exploits, including one that completely bypasses a current EMET 5.1 installation running on a fully patched Windows computer. He said last Wednesday in a blogpost that the missing pages and redactions within the text happened partly because of the Wassenaar Arrangement.
“Whilst it has impacted the release of my research it has not impacted my passion and I plan to continue researching such material as and when I feel like, though in an ideal world I would like clearer instructions so I can figure out how to do this appropriately (of which there seems to be some confusion),” Wilcox said in an email to Threatpost.