Microsoft Unveils Open Source Exploit Finder

Houston 2600 sends this excerpt from the Register about an open-source security assessment tool Microsoft presented at CanSecWest: "Microsoft on Friday released an open-source program designed to streamline the labor-intensive process of identifying security vulnerabilities in software while it's still under development. As its name suggests, !exploitable Crash Analyzer (pronounced 'bang exploitable crash analyzer') combs through bugs that cause a program to seize up, and assesses the likelihood of them being exploited by attackers. Dan Kaminsky, a well-known security expert who also provides consulting services to Microsoft, hailed the release a 'game changer' because it provides a reliable way for developers to sort through thousands of bugs to identify the several dozen that pose the greatest risk."

Eat your own dogfood?

[v1]

Microsoft Unveils Open Source Exploit Finder

Kind of makes one wonder why they don't oh I don't know... say... Run it on their Windows source???

Re:This is M$ double speak for "Finding Free Sofwa

[jav1231]

Yeah, because we all know how benevolent Micro$oft is, right?

Re:Mod down please

[Blakey+Rat]

He's not confused, he's just such an empty brainwashed open source shill he doesn't even bother to stop and think even a fraction of a second before writing out long articles full of vitriol. He's the opposite of intelligent conversation.

Re:This is M$ double speak for "Finding Free Sofwa

[trickyD1ck]

... To a passionate free software advocate, M$ is a concise, efficient and - IMO - accurate moniker.

then isn't "freetard" more concise, efficient and accurate than "free software advocate"?

Microsoft's closed-source exploit finder

[MobyTurbo]

Microsoft has long had a closed-source exploit finder that this article doesn't mention: "Microsoft Windows".