Microsoft has released a new toolkit for hardening binary applications without the need of recompilation. It is called Mitigation Evaluation Toolkit – A toolkit to apply security mitigation technologies to arbitrary applications. Direct Link here. Maybe someone has time to check this tool?

Cited from Microsoft website:

Security mitigation technologies are technologies designed to make it more difficult for an attacker to exploit vulnerabilities in a given piece of software. The Enhanced Mitigation Evaluation Toolkit (EMET) is a toolkit that allows certain security mitigation technologies to be applied to user specified applications. It provides four unique capabilities:

1. Until now, many of the available mitigations have required for an application to be manually opted in and recompiled. EMET changes this by allowing a user to opt in applications via a simple command-line utility without recompilation. This is especially handy for deploying mitigations on software that was written before the mitigations were available and when source code is not available.

2. EMET provides a higher degree of granularity by allowing mitigations to be applied on a per process basis. There is no need to enable an entire product or suite of applications. This is helpful in situations where a process is not compatible with a particular mitigation technology. When that happens, a user can simply turn EMET off for that process.

3. Mitigations that have previously been limited to up-level versions of Microsoft Windows now ship with EMET and are available down-level. Users can benefit from these mitigations without the need to upgrade their systems.

4. EMET is a living tool designed to be updated as new mitigation technologies become available. This provides a chance for users to try out and benefit from mitigations before they are included in the next versions of our products. It also gives users the opportunity to provide feedback and help guide the future of mitigation technologies in Microsoft products.