New Fuzzing Tool Finds 26 USB Bugs in Linux, Windows, macOS, and FreeBSD

Academics say they have discovered 26 new vulnerabilities in the USB driver stack employed by operating systems such as Linux, macOs, Windows, and FreeBSD. From a report: The research team, made up by Hui Peng from Purdue University and Mathias Payer from the Swiss Federal Institute of Technology Lausanne, said all the bugs were discovered with a new tool they created, named USBFuzz. The tool is what security experts call a fuzzer. Fuzzers are applications that let security researchers send large quantities of invalid, unexpected, or random data as inputs to other programs. Security researchers then analyze how the tested software behaves to discover new bugs, some of which may be exploited in a malicious way.