!exploitable (pronounced “bang exploitable”) is a Windows debugging extension (Windbg) that provides automated crash analysis and security risk assessment. The tool first creates hashes to determine the uniqueness of a crash and then assigns an exploitability rating to the crash: Exploitable, Probably Exploitable, Probably Not Exploitable, or Unknown. There is more detailed information about the tool in the following .pptx file or at http://www.microsoft.com/security/msec.
This tool was created by the Microsoft Security Engineering Center (MSEC) Security Science Team. For more information on MSEC and the Security Science team, please visit http://www.microsoft.com/security/msec.
To see what’s being worked on presently, visit the Security Research and Development blog at http://blogs.technet.com/srd/
To download the tool, visit http://www.codeplex.com/msecdbg
Thomas W Shinder, M.D., MCSE
Sr. Consultant / Technical Writer