If you download and install a new application on your desktop, you always want to make sure it doesnít contain any malware and wonít open any potential security hole, even if itís by accident. But if you deploy that application to hundreds or thousands of computers, then that new security issue becomes much more dangerous. Itís important to know what the impact will be on your system of any new installation or patch. This is why Microsoft is offering a new tool called the Attack Surface Analyzer
Microsoft started working on this new product last year, and recently it came out of beta. Now, anyone can download
version 1.0 for free. The way the company describes it, its primary aim is to help software developers discover any vulnerabilities in their applications before they are deployed in an environment and prevent any negative consequences. But itís a great tool for IT pros to use as well, to assess the risks of any new application. First, you run the tool on a known good system, which ends up being your baseline scan. It will create a CAB file which contains all kinds of information, from which ports are open, to how many registry keys are on the system, to whether the Windows firewall is on. Then, you can install the product you want to test, and run another scan, which will be your product scan. The tool will create another CAB file, and youíll be able to generate a report that tells you exactly what changed.