MS Attack Surface Analyzer tool

View previous topic View next topic Go down

MS Attack Surface Analyzer tool

Post by p2u on 29/1/2011, 11:45

Looks like a promising tool. For the time being it's in beta.
http://www.h-online.com/security/news/item/Tool-to-track-security-sensitive-changes-to-Windows-1172093.html
This tool allows administrators and end users to find out whether installing a certain program has negatively impacted system security, although it does NOT examine the installed software for concrete vulnerabilities. So you scan your system with this tool, install a new program and then run the tool again, and you'll get a report. The Heise testers, for example got this:
...Messenger ICQ under Windows 7, Attack Surface Analyzer pointed out that the access privileges for numerous installation files were too comprehensive, apparently allowing non-administrators to manipulate these files; this could potentially enable an attacker with restricted access privileges to pass on malicious code to another user of the same PC (with a different account).
P.S.: If you work with SRP or AppLocker, you would also want to know whether your newly installed printer has opened write access for limited users to certain critical folders...
You can download the free MS tool from here: Attack Surface Analyzer BETA

Paul

p2u
Valued Member
Valued Member

Posts : 211
Join date : 2010-12-14

View user profile

Back to top Go down

View previous topic View next topic Back to top

- Similar topics

 
Permissions in this forum:
You cannot reply to topics in this forum