In association with heise online

26 August 2011, 18:34

Microsoft updates security tools

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

SDL Shield Microsoft has updated the Threat Modeling Tool, MiniFuzz and RegExFuzz components of its Security Development Lifecycle (SDL) toolkit. The updates promise greater flexibility and should make it easier for companies to implement an SDL process.

The Threat Modeling Tool aims to find potential vulnerabilities in an application even before coding has begun. The new version 3.1.8 is more stable when used with Visio 2010 and Team Foundation Server 2010.

MiniFuzz 1.5.5 is a testing tool which is able to detect problems with file-handling code. In addition to bug fixes, operation with TFS 2010 has also been revised.

RegExFuzz 1.1.0 is able to detect potential denial of service vulnerabilities in regular expressions (it tests whether evaluation times could increase exponentially – an indicator of such a vulnerability). The new version also remedies a number of bugs.

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit