Microsoft has released two new tools designed to help developers analyse their code and check for possible vulnerabilities in applications before release.
Both applications are being offered as part of Microsoft's secure development lifecycle programme. Originally designed for use in-house on Microsoft products, the programme has since been expanded into a partner project to help third-party developers create more secure software.
The first of the tools is the BinScope Binary Analyzer, which allows developers to check code at the binary level and root out areas which could be vulnerable.
In doing so, Microsoft hopes that the tool will enable developers to build security protections and follow best practices at the most basic level of coding.
The second tool is the MiniFuzz File Fuzzer, which automates a security process known as 'fuzzing' in which an application is carefully examined and tested for possible memory overflow errors.
Such 'buffer overflow' vulnerabilities are often targeted by malware writers for exploits, and used for remote code execution attacks that can result in the covert installation of malware.
Microsoft said that both tools will be available to developers free of charge through the Security Development Lifecycle Tool Repository site.
Processing registration... Please wait.
This process can take up to a minute to complete.
A confirmation email has been sent to your email address - SUPPLIED GOES EMAIL HERE. Please click on the link in the email to verify your email address. You need to verify your email before you can start posting.
If you do not receive your confirmation email within the next few minutes, it may be because the email has been captured by a junk mail filter. Please ensure you add the domain @itnews.com.au to your white-listed senders.