Microsoft has made available for download a new security tool designed to assess the attack surface of Windows operating systems.
As Windows platforms are being used, a variety of changes are introduced, more often than not, increasing the risk of attacks.
One scenario illustrative of this involves the installation of new software. Applications deployed on top of Windows manage not only to add extra functionality and capabilities that customers need, but also to introduce changes, some of which could represent security liabilities, or even be exploitable vulnerabilities.
This is why the Redmond company decided to share with the world an internal tool designed to catalog changes introduced to the Windows platform by new software being installed.
“The Attack Surface Analyzer beta is a Microsoft verification tool now available for ISVs and IT professionals to highlight the changes in system state, runtime parameters and securable objects on the Windows operating system.
“This analysis helps developers, testers and IT professionals identify increases in the attack surface caused by installing applications on a machine,” revealed David Ladd, principal security program manager, Microsoft.
“The tool takes snapshots of an organization’s system and compares (“diffing”) these to identify changes. The tool does not analyze a system based on signatures or known vulnerabilities; instead, it looks for classes of security weaknesses as applications are installed on the Windows operating system,” he added.
The software giant has equipped the tool with reporting capabilities. This means that Attack Surface Analyzer will not only deliver an overview of Windows changes that can impact security, but also flag the most important issues.
Customers need to know that Attack Surface Analyzer is part of the solutions used by the Redmond company to bulletproof Windows through the Security Development Lifecycle (SDL) best practices.
According to Ladd, development teams need to identify both the default and maximum attack surface for a product as early as the design phase. In the end, this is another method to ensure that the exploitation of potential vulnerabilities is reduced.
“Some of the checks performed by the tool include analysis of changed or newly added files, registry keys, services, ActiveX Controls, listening ports, access control lists and other parameters that affect a computer’s attack surface,” Ladd explained.
Attack Surface Analyzer is offered free of charge, as it is the case for all SDL resources from Microsoft.
Attack Surface Analyzer is available for download here.