Hex-Rays has announced the release of IDA 9.0, which introduces significant licensing changes and new features to enhance user experience and functionality across multiple platforms.
The latest version of the Interactive Disassembler (IDA) software introduces a unified licensing model, allowing users to operate a single license across Windows, Linux, and macOS platforms. This shift from platform-specific licenses simplifies access for users working in diverse environments.
IDA is a powerful malware analysis and reverse engineering tool due to its ability to disassemble executable code into human-readable assembly. It allows analysts to:
- Disassemble code: Converts machine code to assembly, helping understand the malware’s functionality.
- Static analysis: Examine functions, strings, and control flow without running the malware.
- Control flow analysis: Visualize program logic to identify malicious behavior or obfuscation techniques.
- Dynamic analysis: Debug and monitor malware in real-time to track API calls and step through code for deeper insights.
These features make IDA essential for analyzing malicious code and understanding its operation.
Analyse Any Suspicious Links Using ANY.RUN’s New Safe Browsing Tool:
Key Licencing Updates
One of the biggest changes in IDA 9.0 is the new licensing model. Licenses are no longer tied to a specific platform, allowing users to use their IDA license interchangeably on Windows, Linux, and macOS.
- Unified Licensing: Users can now utilize a single IDA license on all supported platforms, removing previous restrictions tied to specific operating systems.
- Flexible License Packs: New license packs offer various decompilers to meet different user needs.
- Retirement of IDA Home 68K: The 68K version has been replaced by IDA Home RISCV, which includes a cloud-based decompiler.
- Enhanced Team Functionality: IDA Teams now offers private Lumina functionality and is no longer limited by seat count, focusing instead on concurrent usage.
Technological Advancement
IDA 9.0 introduces several technological improvements designed to streamline processes and expand capabilities:
- Headless Processing with IDAlib: The new IDAlib feature allows both C++ and Python APIs to be used externally, facilitating the creation of standalone applications without needing to load them inside IDA.
- RISC-V Support Expansion: New decompilers for 32- and 64-bit RISC-V code are available, along with support for T-Head extension instructions used in Xuantie and Allwinner processors.
- WASM Disassembler: A new disassembler for Web Assembly (WASM) has been introduced, reflecting the growing trend of client-side browser applications.
IDA 9.0 deprecates the legacy 32-bit version, with the 64-bit build now able to handle both 32-bit and 64-bit code natively
The Enums and Structures views have been replaced by the more modern Local Types, with a porting guide available for the related API changes.
Other UI enhancements include an updated function prototype editor, more accessible specifications of structure sizes and field packing, and a refreshed keyboard shortcuts more aligned with modern conventions.
Depreciated Features and Bug Fixes
- End of IDA32 Support: The 32-bit version has been deprecated in favor of a single binary that supports 32- and 64-bit code.
- Numerous Bug Fixes: Various issues have been addressed across different components, including improvements to ARM analysis speed and enhanced UI functionality.
With these updates, Hex-Rays aims to provide a more versatile and efficient tool for developers and reverse engineers, ensuring that IDA remains at the forefront of disassembly technology.
Free Webinar on How to Protect Small Businesses Against Advanced Cyberthreats ->