HomeWinBuzzer NewsProject Zero Researcher Ports Windows Defender to Linux for Fuzzing Enhancements

Project Zero Researcher Ports Windows Defender to Linux for Fuzzing Enhancements

Travis Ormandy says that the fuzzing technique works better for Windows Defender ported to Linux. He has created a tool to allow this process.

-

Travis Ormandy is closely associated with Windows, despite the fact he works for . The Project Zero engineer has recently discovered several Windows vulnerabilities. He has now developers a new tool for porting to .

The tool focuses on enhancing fuzzing. This technique produces scans for vulnerability directly from a DLL file. By using data injection, fuzz testing, users can automate the search for invalid or surprising data injected into apps.

Ormandy says Fuzzing works better on Linux. This is because the open source platform has tools that makes the process more efficient compared to Windows.

“Distributed, scalable fuzzing on Windows can be challenging and inefficient. This is especially true for endpoint security products, which use complex interconnected components that span across kernel and user space. This often requires spinning up an entire virtualized Windows to fuzz them or collect coverage data,” Ormandy explains.

His new tool uses a library to give native Linux programs the ability to load functions from a Windows DLL. Ormandy put together a demo that shows fuzzing working through a Windows Defender port to Linux.

“The intention is to allow scalable and efficient fuzzing of self-contained Windows libraries on Linux. Good candidates might be video codecs, decompression libraries, virus scanners, image decoders, and so on,” Ormandy explains on the open Github page.

Work with Project Zero

As mentioned, Travis Ormandy is probably best known for his role with Project Zero. The division searches for zero day vulnerabilities and relays the flaws to software vendors.

Companies are given 90 days to fix any vulnerabilities before Project Zero makes the threat known. Ormandy was a researcher who helped find recent Microsoft Windows and Edge vulnerabilities. While patched some of these, others were made public and patched later.

Luke Jones
Luke Jones
Luke has been writing about all things tech for more than five years. He is following Microsoft closely to bring you the latest news about Windows, Office, Azure, Skype, HoloLens and all the rest of their products.

Recent News