What is Fuzzing and How Did It Find 26 USB Bugs?
Fuzzing is a testing method that uses automated software to feed invalid, unexpected, or random data into a computer program. The testing system then monitors the program for crashes, failed assertions, and potential memory leaks.
A research team associated with Purdue University developed a tool called USBFuzz, which pushes massive amounts of random data through a system’s USB bus. The project was created by Hui Peng and Mathias Payer of the Swiss Federal Institute of Technology.
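The feed-and-monitor loop described above, as an added example that is not USBFuzz code and not from the original article: a small mutation fuzzer run against a toy USB descriptor parser. The parser, the `checked` flag, the sample descriptor bytes and the treatment of any non-`ValueError` exception as a "crash" are all assumptions made for illustration.

```python
import random

# Constructed sample: configuration (9 bytes), interface (9) and endpoint (7) descriptors.
SEED = bytes([9, 0x02, 25, 0, 1, 1, 0, 0x80, 50,
              9, 0x04, 0, 0, 1, 0x03, 0, 0, 0,
              7, 0x05, 0x81, 0x03, 8, 0, 10])

def parse(buf, checked):
    """Toy descriptor walker (hypothetical). checked=False trusts bLength blindly."""
    sizes, i = [], 0
    while i < len(buf):
        if checked and i + 2 > len(buf):
            raise ValueError("truncated descriptor header")
        length, dtype = buf[i], buf[i + 1]
        if length < 2:                       # also keeps the loop from stalling
            raise ValueError("bLength too small")
        if checked and (i + length > len(buf) or (dtype == 0x05 and length < 7)):
            raise ValueError("descriptor overruns buffer")
        if dtype == 0x05:                    # endpoint: read wMaxPacketSize
            sizes.append(buf[i + 4] | (buf[i + 5] << 8))
        i += length
    return sizes

def mutate(data, rng):
    """Overwrite 1-3 random bytes, and sometimes truncate the buffer."""
    b = bytearray(data)
    for _ in range(rng.randint(1, 3)):
        b[rng.randrange(len(b))] = rng.randrange(256)
    if rng.random() < 0.3:
        del b[rng.randrange(1, len(b)):]
    return bytes(b)

def fuzz(checked, iterations=2000, seed=0):
    """Return (input, exception name) for every case that was not cleanly rejected."""
    rng = random.Random(seed)
    crashes = []
    for _ in range(iterations):
        case = mutate(SEED, rng)
        try:
            parse(case, checked)
        except ValueError:
            pass                             # malformed input rejected on purpose
        except Exception as exc:             # stand-in for a kernel crash
            crashes.append((case, type(exc).__name__))
    return crashes

if __name__ == "__main__":
    print("unchecked parser crashes:", len(fuzz(checked=False)))
    print("checked parser crashes:  ", len(fuzz(checked=True)))
```

Each saved crashing input is a reproducer: replaying it against the parser after adding the bounds checks confirms the fix.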
Please don’t lose any sleep over the bugs that were discovered.
Peng and Payer identified one bug in FreeBSD, three in macOS (two resulting in unexpected reboots and one causing a system freeze), and four in Windows 8 and Windows 10, which resulted in Blue Screens of Death. The majority of issues were found in Linux systems, totaling eighteen bugs.
Windows users do not need to be concerned, as all identified Windows issues have been resolved. Of the eighteen Linux bugs, sixteen have already been corrected. Several of these were considered major security vulnerabilities.
What stands out about USBFuzz is its underlying goal of improving USB platform security through continuous testing and refinement. The project is also being released as open-source software, allowing developers to use it to strengthen their own USB products. The research team plans to release USBFuzz on GitHub later in 2020.
