asm-diff

Microsoft fixes security-related bugs in the OS and distributes patched modules separately or in the composition of a new OS version. Old and new module versions are possible to compare and reveal vulnerabilities in the such way. Windows update reveals vulnerabilities! It is known the usage of "diff" utility in the vulnerabilities search in the UNIX C sources of target module. In the nearly the same way vulnerabilities can be found in the Windows modules. IDA Pro can produce ASM sources for the old and new module binaries. But UNIX diff utility produce much of garbage (false positives) with such ASM files due to the address shift in the new module version. Address shift results in the new labels, subroutines and variables names. asm-diff address this problem while comparing two ASM files. It behaves similary to diff but doesn"t report changes wich are caused by address shift. Less of false positives are producing. Finding vulnerabilities by comparin