From the MSDN blog:
Last year we released a beta version of our free Attack Surface Analyzer tool. The purpose of this tool is to help software developers, Independent Software Vendors (ISVs) and IT Professionals better understand changes in Windows systems’ attack surface resulting from the installation of new applications. Since the initial launch of Attack Surface Analyzer, we have received quite a bit of positive feedback on the value it has provided to customers. Today we are pleased to announce that the beta period has ended and Attack Surface Analyzer 1.0 is now available for download.
This isn’t merely a new toy to play with, it’s a serious tool for analyzing your Windows systems. I immediately added it to my toolkit and went off to check out our lab PCs at the college where I am Network Administrator.
The tool is meant to be run first on a fresh system with no applications installed in order to establish a baseline. Then, you install your apps one by one and run the tool after each install to see how your attack surface is changing.
I’m going to put my student assistants to work on this next week and I’ll deliver a more comprehensive report on what I discover.