Microsoft Enhanced Mitigation Experience Toolkit (EMET) before 4.0 uses predictable addresses for hooked functions, which makes it easier for context-dependent