!exploitable (pronounced “bang exploitable”) Crash Analyzer is a plugin for the Windows Debugger that parses your crash logs and gives you two important pieces of information.
First, it will collate all of your crashes and determine exactly how many there actually are. So for example, out of 60 crash reports, there may only be 2 or 3 actual problems.
The second thing it does is look at the type of crash and try to determine if the error is something that could be exploited by a malicious hacker. This means that more junior employees can work these bug issues without taking the time of more senior examiners. Jason Shirk from the Security Core team joined us to take a look at !exploitable.
Check out http://channel9.msdn.com/posts/PDCNews/Bang-Exploitable-Security-Analyzer/ for an interview on how it all works.
HTH,
Tom
Thomas W Shinder, M.D., MCSE
Sr. Consultant / Technical Writer
Prowess Consulting www.prowessconsulting.com
PROWESS CONSULTING | Microsoft Forefront Security Specialist
Email: [email protected]
MVP – Forefront Edge Security (ISA/TMG/IAG)