Microsoft has unveiled the free tool Attack Surface Analyzer should auffdecken the changes in the Windows system after installing an application. The tool shows, according to Microsoft added files, registry keys and ActiveX control and points to open server ports. It also assesses the permissions of the files have been added.
not particularly critical, but preventable, according to Yahoo tool sets wrong permissions for installed files. In order to create a report that requires a scan through the analyzer before installing and after installing the program to be examined. In a short test of the heise Security editorial team with the MSN Messenger on Windows 7 of the Attack Surface Analyzer to access low priced criticized on several installation files. Thus, it is also possible non-administrators, these files to manipulate. It is conceivable that an attacker pushes with limited rights to other users of the same PC (with a different account) malicious code.
The announcement of the tool was parallel to the Black Hat security conference. There, Microsoft has also introduced the updated version 1.2 of BinScope Binary Analyzer that supports Visual Studio 2010. The BinScope Binary Analyzer binary code checks to see if all the recommended and necessary security flags (/ GS, / SafeSEH and others), protective mechanisms (such as / DYNAMIC BASE ALSR) and controls available in the software are enabled respectively. ( dab )
0 comments:
Post a Comment