Microsoft has released two new tools designed to help developers analyse their code and check for possible vulnerabilities in applications before release.
Both applications are being offered as part of Microsoft's secure development lifecycle programme. Originally designed for use in-house on Microsoft products, the programme has since been expanded into a partner project to help third-party developers create more secure software.
The first of the tools is the BinScope Binary Analyzer, which allows developers to check code at the binary level and root out areas which could be vulnerable.
In doing so, Microsoft hopes that the tool will enable developers to build security protections and follow best practices at the most basic level of coding.
The second tool is the MiniFuzz File Fuzzer, which automates a security process known as 'fuzzing' in which an application is carefully examined and tested for possible memory overflow errors.
Such 'buffer overflow' vulnerabilities are often targeted by malware writers for exploits, and used for remote code execution attacks that can result in the covert installation of malware.
Microsoft said that both tools will be available to developers free of charge through the Security Development Lifecycle Tool Repository site.
-1.jpg&w=100&c=1&s=0)
.png&w=100&c=1&s=0)
