news4geeks.net
3Aug/120

Microsoft tool evaluates software’s impact on OS security

Posted by vica

Microsoft has released Attack Surface Analyzer 1.0, a free tool that can help system administrators, IT security professionals, or software developers understand how newly installed applications can affect the security of a Windows OS.

The tool scans for classes of known security weaknesses that can be introduced by the files, registry keys, services, Microsoft ActiveX controls and other parameters created or changed by new applications.

It can identify executable files, directories, registry keys, or processes with weak access control lists (ACLs). It can also flag processes that don't mark memory regions as non-executable (NX), which could result in the bypassing of the Data Execution Prevention (DEP) Windows security feature. The tool also identifies services with fast restart times that could be attacked to bypass address space layout randomization (ASLR), as well as changes to the Windows Firewall rules or Internet Explorer security policies. Read more...

Tagged as: , , , Continue reading
   

Tags

Amazon Android Apple apps browser business China Chrome Cloud data devices Facebook Firefox Google Hackers hardware HP IBM Intel Internet iPad iPhone IT LINUX Malware market Microsoft Mozilla network Nokia Oracle OS RIM Samsung Security smartphones software Sony tablets Twitter web website Windows Windows 8 Yahoo

Categories

Calendar

June 2013
M T W T F S S
« May    
 12
3456789
10111213141516
17181920212223
24252627282930