Jump to content

Microsoft's Attack Surface Analyzer sheds light on software vulnerabilities

Sneha Chowdary

By Sneha Chowdary
in Old Discussions

 Share

Recommended Posts

Sneha Chowdary Celebrity

Sneha Chowdary

Posted
Posted

New tool helps developers identify potential weak points in products, lets admins quantify a program's affect on PC security
While nobody would claim that Microsoft's just-released [url=http://www.microsoft.com/downloads/en/details.aspx?FamilyID=e068c224-9d6d-4bf4-aab8-f7352a5e7d45&displaylang=en]Attack Surface Analyzer[/url] can make your systems secure, it does provide some interesting insight into PC behavioral changes instigated by newly installed programs.
Based on a suitably academic eight-year-old Carnegie Mellon research paper called [url=http://www.cs.cmu.edu/afs/cs/project/svc/projects/security/wadis1.pdf]Measuring Relative Attack Surfaces[/url], ASA conducts before-and-after analyses of software. You take a baseline with the tool, install a program or activate some specific program feature, and take another scan. ASA then tells you the differences in vulnerable places that can be attacked, the so-called Relative Attack Surface.
Microsoft is letting the beta version of ASA out the door in conjunction with its work at the Black Hat conference in Virginia. ASA's destined to become part of the official [url=http://www.microsoft.com/security/sdl/adopt/tools.aspx]Microsoft Security Development Lifecycle tool set[/url]. Microsoft uses ASA internally; the company is making it available to a wider audience to help developers identify potential weak points in their products, so corporate admins can take a detailed look at any products being considered for release throughout an organization. They're also looking for bugs and suggestions.
I decided to take ASA for a spin. I ran an ASA baseline on a moderately loaded 64-bit Windows 7 system, then installed Microsoft's [url=http://www.discoverbing.com/toolbar/]Bing Toolbar[/url]. The results were a bit disconcerting.

man for the society Celebrity

man for the society

Posted
Posted

so manalni keyloggers nundi protect chestai anamata sCo_hmmthink sCo_hmmthink

Betting Bangarraju Celebrity

Betting Bangarraju

Posted
Posted

Psycopk daggera [b]Attack Surface Analyzer[/b] vo copy CD adagochchu anna mata. @3$% @3$%

 Share
Go to topic listing
×
×
  • Create New...