MWR InfoSecurity has announced a new kernel fuzzer implemented to run across Microsoft Windows and POSIX based operating systems. MWR’s kernel fuzzer provides the ability to identify and report OS security vulnerabilities, lowering the attack surface and helping to secure current operating systems.
The company points to the fact that kernels are often targeted by attackers, particularly when attempting to escalate privileges. Recognizing this, sandboxes are now widely shipped by default in major browsers. This technology helps to prevent attackers from escalating their privileges should they compromise the browser. Kernel exploits can potentially be leveraged to break out of the sandboxed environment, giving an attacker unrestricted access to the host machine.
MWR’s kernel fuzzer is platform agnostic, working across Windows kernels and POSIX kernels to find vulnerabilities. Any vulnerabilities identified by MWR are reported to the affected vendors to improve the operating system’s security. MWR’s kernel fuzzer also can generate test cases in search of potentially exploitable vulnerabilities in the operating system. And the kernel fuzzer is designed to be highly distributed allowing quick identification of vulnerabilities.
MWR InfoSecurity will be announcing more details on the availability of the kernel fuzzer at a future date.