Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

PatchDiff2 - High Performance Patch Analysis

Tenable Network Security has released PatchDiff2 for the IDA disassembler. PatchDiff2 can be used to compare the differences in patches provided by vendors in order to understand what has been modified and where previous security holes existed. In some cases, such as the recent MS08-030 release and re-release for Windows XP, a tool like PatchDiff2 can show that a patch update didn't actually modify anything.

PatchDiff2 is provided FREE to the community in the hope that it will help research engineers to better analyze patches.

Tasks performed by PatchDiff2 include:

  • Display the list of identical functions
  • Display the list of matched functions
  • Display the list of unmatched functions (with the CRC)
  • Display a flow graph for identical and matched functions

The main PatchDiff web page, which includes a download, is located here.

A demonstration video is also available:

Pdiff2