Attack Surface Analyzer 2.0 Available for Checking Software Installs

Microsoft this week described Attack Surface Analyzer 2.0, an updated tool for checking software installations that's now built using open source code.

Attack Surface Analyzer 2.0, released about a week ago, can be used by IT security auditors to evaluate the risk of "third-party software" (software from non-Microsoft vendors). It can also be used by DevOps engineers to see the system changes made by software additions, per Microsoft's GitHub description. It's an open source tool, built using .NET Core, that runs on Linux, macOS and Windows systems.

The tool is needed, Microsoft's announcement explained, "because most installation processes require elevated privileges, which can lead to undesired system configuration changes." 

Users of Attack Surface Analyzer 2.0 perform an initial system scan. They then install an application and perform yet another system scan. The tool will then show what changed based on certain criteria.

Currently, the criteria that can be selected include:

  • File System
  • User Accounts
  • System Services
  • Network Ports (listeners)
  • System Certificate Stores
  • Windows Registry

Other criteria may get added to the tool in the near future. Microsoft is considering adding code signing information, drivers, firewall settings, redistributable installations, network traffic, registry and some "requested features which existed in the original Attack Surface Analyzer," the GitHub page explained.

Attack Surface Analyzer 2.0 is deemed as being the replacement for the original Attack Surface Analyzer tool that Microsoft released back in 2012, which is still available here.

One catch to using Attack Surface Analyzer 2.0 is that installation files currently aren't available. Just a bunch of compressed files can be accessed from the GitHub code repository. An early tester encountered an odd roadblock, according to this Twitter post.

About the Author

Kurt Mackie is senior news producer for the 1105 Enterprise Computing Group.


  • Microsoft Offers More Help on Windows Server 2008 Upgrades

    Microsoft this week published additional help resources for organizations stuck on Windows Server 2008, which fell out of support on Jan. 14.

  • Microsoft Ups Its Carbon Reduction Goals

    Microsoft on Thursday announced a corporatewide carbon reduction effort that aims to make the company "carbon negative" by 2030.

  • How To Dynamically Lock Down an Unattended Windows 10 PC

    One of the biggest security risks in any organization happens when a user walks away from their PC without logging out. Microsoft has the solution (and it's not a password-protected screensaver).

  • First Stable Chromium-Based Microsoft Edge Browser Released

    Microsoft on Wednesday announced the first release of its Chromium-based Microsoft Edge browser at the "stable" commercial-release stage.

comments powered by Disqus

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.