Security

Recently I’ve begun to move the Chocolatey packages I maintain from manual to automatic updating. Going through each package I came across an issue with Yubico Authenticator while retrieving the downloads page using Invoke-WebRequest

This caught me by surprise as I was retrieving other Yubico website pages, such as developers.yubico.com, without issue.

I decided to look at the SSL / TLS protocols for the pages using SSL Labs SSL online test and found the following:

Back in February, Microsoft released version 5.5 of the Enhanced Mitigation Experience Toolkit (EMET). This new release gave us official Windows 10 support. But we waited a long time for that support. Windows 10 was available to the masses in July 2015.

But Microsoft has suggested that this new EMET is not necessary for everyone:

EMET was released in 2009 as a standalone tool to help enterprises better protect their Windows clients by providing an interface to manage built-in Windows security mitigations while also providing additional features meant to disrupt known attack vectors used by prevalent malware. Since that time, we have made substantial improvements to the security of the browser and the core OS. With Windows 10 we have implemented many features and mitigations that can make EMET unnecessary on devices running Windows 10.