While nobody would claim that Microsoft's just-released Attack Surface Analyzer can make your systems secure, it does provide some interesting insight into PC behavioral changes instigated by newly installed programs.
Based on a suitably academic eight-year-old Carnegie Mellon research paper called Measuring Relative Attack Surfaces, ASA conducts before-and-after analyses of software. You take a baseline with the tool, install a program or activate some specific program feature, and take another scan. ASA then tells you the differences in vulnerable places that can be attacked, the so-called Relative Attack Surface.
The announcement blog says:
Some of the checks performed by the tool include analysis of changed or newly added files, registry keys, services, ActiveX Controls, listening ports, access control lists and other parameters that affect a computer's attack surface.
That's the kind of information you can expect.
Microsoft is letting the beta version of ASA out the door in conjunction with its work at the Black Hat conference in Virginia. ASA's destined to become part of the official Microsoft Security Development Lifecycle tool set. Microsoft uses ASA internally; the company is making it available to a wider audience to help developers identify potential weak points in their products, so corporate admins can take a detailed look at any products being considered for release throughout an organization. They're also looking for bugs and suggestions.
I decided to take ASA for a spin. I ran an ASA baseline on a moderately loaded 64-bit Windows 7 system, then installed Microsoft's Bing Toolbar. The results were a bit disconcerting.