Microsoft has formally released a tool that gauges the security of an application by exploring how it affects the computer upon which it is installed.
The Attack Surface Analyzer, which might just be the best name ever for a security product, was originally released in January 2011 during the Blackhat DC security conference. Over the 20 months since launch, Microsoft claims that it has reduced the number of false positives, enhanced performance and made some bug fixes.
The tool takes snapshots of a system before and after an application was installed and then compares each to identify changes made when new apps were installed. The tool then provides an overview of changes including those such as newly added files, registry keys, services, ActiveX Controls, listening ports, access control lists, etc.
Analyzer only looks at classes of security weaknesses where programs fall short or those which are exposed to attack vectors, but it is something developers should explore running attack surface validations before releasing Windows apps is now required by Microsoft.