For those interested, Microsoft has just released an open-source program designed to streamline identifying security vulnerabilities in software while it's still under development. !exploitable Crash Analyzer (pronounced "bang exploitable crash analyzer") supposedly combs through bugs that cause a program to seize up, and assesses the likelihood of them being exploited by attackers.
I have not used this program yet as it was just released yesterday, but I figured folks may want to know about it.
You can download it here:
http://www.microsoft.com/security/msec/default.mspx
Microsoft's Power Point on it is here:
http://download.microsoft.com/downlo...0Analysis.pptx
The Register has a blurb about it here:
http://www.theregister.co.uk/2009/03...ft_crash_tool/
I have not used this program yet as it was just released yesterday, but I figured folks may want to know about it.
You can download it here:
http://www.microsoft.com/security/msec/default.mspx
Microsoft's Power Point on it is here:
http://download.microsoft.com/downlo...0Analysis.pptx
The Register has a blurb about it here:
http://www.theregister.co.uk/2009/03...ft_crash_tool/