change that will introduce a new security vulnerability.
There may be new processes running in the background, for instance, additional Windows services installed or new network ports open – all kinds of issues.
PC’s have always been this way, of course. And beacause most people don’t have time to pour over their security settings every day, they just accept it and hope for the best. But there may now be an alternative for Vista and Windows 7 users, in a new, free Microsoft tool: the Attack Surface analyzer (netm.aq/attack-sur).
The program is targeted at security experts, which poses a few problems when you look at its reports. Don’t let that put you off, though – it’s so easy to use that everyone should give it a try. All you have to do is use the Attack Surface analyzer to scan your system, then install your application and scan your system again. The program then compares the two reports, and lists any changes that might affect your security: new or modified files, services, ActiveX controls, network ports and more.
And that’s where the complications begin to appear, because this report can feel rather complex, with details on issues such as “Directories with weak ACLs” and “Named Pipes”. PC novices will quickly become lost. If you’re a more experienced Windows user, though, there may be plenty here of interest.
The Attack Surface Analyzer can report on changes in user accounts, firewall rules, network shares and IE Zones, as well as new drivers, Browser Helper Objects, startup programs and more, which will be far more useful information for most people.
If you’re not a developer, then parts of the report will surely baffle you, but you’ll also find plenty of more accessible details, and overall the Attack Surface Analyzer does a good job in letting you know how your PC’s security is changing over time.