!exploitable Crash Analyzer: Microsoft's security assessment tool

Microsoft released an open-source program designed to streamline the labor-intensive process of identifying security vulnerabilities in software while it's still under development. As its name suggests, !exploitable Crash Analyzer (pronounced "bang exploitable crash analyzer") combs through bugs that cause a program to seize up, and assesses the likelihood of them being exploited by attackers. Dan Kaminsky, […]

Microsoft released an open-source program designed to streamline the labor-intensive process of identifying security vulnerabilities in software while it's still under development. As its name suggests, !exploitable Crash Analyzer (pronounced "bang exploitable crash analyzer") combs through bugs that cause a program to seize up, and assesses the likelihood of them being exploited by attackers. Dan Kaminsky, a well-known security expert who also provides consulting services to Microsoft, hailed the release a "game changer" because it provides a reliable way for developers to sort through thousands of bugs to identify the several dozen that pose the greatest risk.

Full Article