Patch analysis is the process of examining the differences in vendor-supplied binaries incrementally across security updates. Unfortunately, this technique remains under-used (at least publicly) as a means of understanding vulnerabilities and measuring risk. We aim to provide some exposure to patch analysis by examining the process of performing a binary diff against a recent Microsoft CVE. We further aim to demonstrate the utility of fuzzing during the patch diffing process.
Bio – Bill Finlayson is a Senior Security Researcher with BeyondTrust. Bill focuses on vulnerability research and discovery, reverse engineering, and is part of the development team of Retina – a well-known vulnerability assessment solution.