http://blogs.msdn.com/b/sdl/archive/2012/08/02/attack-surface-analyzer-1-0-released.aspx
Процитирую:
Unlike many tools that analyze a system based on signatures or known vulnerabilities, Attack Surface Analyzer looks for classes of security weaknesses Microsoft has seen when applications are installed on the Windows operating system, and it highlights these as issues. The tool also gives an overview of changes to the system that Microsoft considers important to the security of the platform, and it highlights these changes in the attack surface report. Some of the checks performed by the tool include analysis of changed or newly added files, registry keys, services, Microsoft ActiveX controls, listening ports and other parameters that affect a computer’s attack surface.
Вещь полезная, как минимум к ознакомлению обязательна.
Тишина 