
3/23/2009
03:03 PM

Microsoft Offers Free Tool For ID'ing Most Risky Bugs In Windows Applications

New !exploitable Crash Analyzer helps developers focus on vulnerabilities most open to abuse

Microsoft is offering a free, open-source tool for developers that automates the discovery of application vulnerabilities that could be exploited by the bad guys. The new !exploitable (pronounced "bang exploitable") Crash Analyzer is an add-on to Microsoft's Windows debugger fuzzing tool.

Members of Microsoft's Security Science team released the tool on Friday at the CanSecWest security conference in Toronto. !exploitable sorts out whether bugs that cause crashes during development and testing have security implications, and whether an attacker could exploit them.

"The problem with fuzzers is that they find too many bugs -- not just the exploitable ones," says HD Moore, creator of the popular Metasploit hacking tool and director of security for BreakingPoint Systems. "It seems like a great way to focus on the bugs which look promising, in a way that is less susceptible to human error. It would be a great first test for any new crash, and allows the researchers to focus only on the bugs that have a good chance of being exploited."

!exploitable is Microsoft's latest freebie tool for developers. The software giant in September released a free Threat Modeling Tool as part of its effort to open up its internal Security Development Lifecycle (SDL) framework to third-party application developers and customers in the spirit of promoting more secure software. At the time, Steve Lipner, Microsoft's senior director of security engineering strategy for the Trustworthy Computing Group, said Microsoft would continue to promote the development of secure software in the industry.

In August 2008, Microsoft announced it would share its vulnerability research finds with third-party developers for Windows and help them fix flaws in their software.

!exploitable handles crash analysis for developers and testers, which traditionally had been the domain of a security expert, according to Microsoft. It identifies the actual issues that cause an application to crash. Microsoft expects third-party developers and testers, as well as security researchers, to use its tool.

Developers typically are faced with numerous bugs during the development process; Microsoft's !exploitable tool sorts out the truly dangerous ones for them. Metasploit's Moore, who hopes to get a chance to test the tool soon, says researchers who have used it so far have reported that the tool "errs on the side of 'exploitable,'" so it's "not too accurate yet."

He also notes that !exploitable could be used in tandem with the Metasploit-related Windows-native debugging tool called Byakugan. "The Microsoft plug-in tries to determine whether something is exploitable based on the exception, and the Metasploit one tries to help you write the actual exploit," Moore says. "So theoretically you would start off with !exploitable, and then load Byakugan to write the [exploit] module."


Kelly Jackson Higgins is the Executive Editor of Dark Reading. She is an award-winning veteran technology and business journalist with more than two decades of experience in reporting and editing for various publications, including Network Computing, Secure Enterprise ...
