Before I continue on this post, please be clear that I do not love or hate Windows and I have very neutral feeling to all OSes available whether as individual or enterprise landscape.
It's been 10 years since Microsoft has launched Trustworthy Computing initiative in 2002. The SQL Slammer and the Blaster outbreak in 2003 set the deeper foundation for Microsoft to build and test softwares more rigorously. It has led to form security programs like Microsoft Security Research & Defense and Microsoft Security Development Lifecycle.
Over the years, these programs shared invaluable resources to both IT professionals and developers alike. In particular, this year has seen two of their latest releases from each division.
In May 2012, SRD released a tool known as Enhanced Mitigation Experience Toolkit which helps softwares from exploitation by making them more resistant via mitigation technologies. It is based on configurable XML files to define each application EMET will protect. The toolkit is currently at v3 and available from http://www.microsoft.com/en-us/download/details.aspx?id=29851
SDL announced a new version of Attack Surface Analyzer 3 days ago which has been a beta since last year. The purpose of the software is simple, yet robust. It will compare the system states, in terms of registry, ports and files before and after a new software is installed. Version 1 of the tool can be found http://www.microsoft.com/en-us/download/details.aspx?id=24487
EMET will work hand in hand with existing anti- solutions to prevent against zero day exploitations. It will be useful for administrators to define profiles based on softwares using in their environment and later deploy via group policy or SCCM.
ASA can offer proactive security impact to developers, IT professionals, auditors and IRT by analyzing resultant effects before introducing new software to the production network.
One last thing to note. For best experience using these tools, the OS should be Windows 7 and Server 2008 or later with .NET Framework 4. Otherwise, well, you know.
Update 1 (May 28 2013): Enhanced Mitigation Experience Toolkit v4 Beta is available from April 18 2013.
Update 2 (June 20 2013): EMET 4 was released on June 17 2013.
Update 3 (August 1 2014): EMET 5 has been released on July 31 2014.
Update 4 (November 12 2014): EMET 5.1 has been released on November 10 2014.