A security exposure in an operating system or other system software or application software component. Before the Internet became mainstream and exposed every organization in the world to every attacker on the planet, vulnerabilities surely existed, but were not as often exploited.
In light of this madness, mostly perpetrated against Microsoft, the architecture of future operating systems has changed. Designing software to be bulletproof against attacks is like building a house where every square inch is fortified with steel and sensors that detect intrusions. Patching an existing operating system written by hundreds of programmers who were not dwelling on this issue when they wrote the code is an onerous job.
Security firms maintain databases of vulnerabilities based on version number of the software. If exploited, each vulnerability can potentially compromise the system or network. For a database of common vulnerabilities and exposures, visit http://icat.nist.gov/icat.cfm. See network security scanner and vulnerability disclosure.
In light of this madness, mostly perpetrated against Microsoft, the architecture of future operating systems has changed. Designing software to be bulletproof against attacks is like building a house where every square inch is fortified with steel and sensors that detect intrusions. Patching an existing operating system written by hundreds of programmers who were not dwelling on this issue when they wrote the code is an onerous job.
Security firms maintain databases of vulnerabilities based on version number of the software. If exploited, each vulnerability can potentially compromise the system or network. For a database of common vulnerabilities and exposures, visit http://icat.nist.gov/icat.cfm. See network security scanner and vulnerability disclosure.
 | Reproduced with permission from Computer Desktop Encyclopedia. Copyright (c) 1981-2009 The Computer Language Company Inc. All rights reserved. |
Additional Resources
- iHacked: jailbroken iPhones compromised, $5 ransom demanded
- Yesterday, a "Your iPhone's been hacked because it's really insecure! Please visit doiop.com/iHacked and secure your phone right now!" message popped up on the screens of a large number of automatically exploited Dutch iPhone users, demanding $4.95 for instructions on how to secure their iPhones and remove the message from...
- Blog posts 2009-11-03
- Analyst: Big on Motorola, Android; no love for RIM, Palm
- To Stay in Business,eventually they will turn to Android.The SAME WAY did HTC and MOTOROLA.and IT will not Take Long!RE: Analyst: Big on Motorola, Android; no love for RIM, PalmRIM forever!droid is cool, but read the comments on the original article.this guy is probably waaaay off.IT Analysts are kind of...
- Discussion threads 2009-11-02
- Nsauditor 1.9.6 (Windows)
- Nsauditor Network Security Auditor is a network security software and vulnerability scanner that allows auditing and monitoring network computers for possible vulnerabilities, checking network for all potential methods that a hacker might use to attack it and create a report of potential problems that were found. Nsauditor is a complete...
- Software downloads 2009-11-01
- My Top Scary Technology Trends
- The Most Terrifying:Google.Kills good companies by handing out "freebies". VERY scary.Machines replacing humansI thought they were tools to enhance our experience on earth.The worst is when customer is an AI telephone. "I'm sorry, could you repeat your last phrase. I did not understand". I thought the buttons were bad enough.RE:...
- Discussion threads 2009-10-29
- Saying goodbye to Zimbra
- Garbage?Garbage?It's not garbage if it works for him.Just because you're on some strange crusade to hate it doesn't mean nobody should use it.If it works for him, great.Always the right tool for the right job, always. Some things work better for some people than others.Good luck, you picked the WORST...
- Discussion threads 2009-10-26
- Kingsoft Internet Security 9 Plus 2009.04.14.59 (Windows)
- Kingsoft Internet Security 9 Plus includes anti-virus, anti-malware, a vulnerability scanner and personal firewall. Find and fix rootkits, spyware, trojans, virus and malware infections. The webshield protects you from infection while surfing the Internet. The suite also includes many other useful tools: usb flash rescue disk creation, history cleaner, disk...
- Software downloads 2009-10-25
- Windows 7 security default worries experts
- How many Windows 7 does it take...How many dribble articles about Windows 7 canthere be in one week.I heard Windows 7 is now helping the economy andit has changed global warming to global cooling.So the polar bears are now SAFE!!! Way to go Windows 7 it is like the messiah...
- Discussion threads 2009-10-22
- CyberThreats: Complacency abounds
- We are making it easier for attackers??The first line of the quoted Gartner article says that the threats have remained the same but we're "seeing some new and clever evasion techniques"Then the last line says that "The biggest change was the decline in ability to prevent or shield vulnerabilities"So Gartner...
- Discussion threads 2009-10-21
- News to know: Apple; Alex; Microhoo; Droid; FCC
- Here are today's notable headlines. You can get News To Know via email alert and RSS daily. For continuous updates see BNET's around-the-Web tech coverage. Sam Diaz: Another strong quarter for Apple; credit strong iPhone, Mac sales Jason D. O'Grady: Apple announces most profitable...
- Blog posts 2009-10-20
- Microsoft: Human error caused critical SMB2 vulnerability
- did not explain why the fix was not back-ported to Windows Vista and other That very bad. I was wondering this myself when news broke that Win 7 was not vulnerable.What were they thinking? Fixing a bug and "forgetting" that other versions may actually be vulnerable?Or had they actually recorded...
- Discussion threads 2009-10-19
- Microsoft: Human error caused critical SMB2 vulnerability
- Microsoft is blaming human error for the the critical SMB v2 vulnerability that exposed Windows users to remote code execution attacks by Ryan Naraine
- Blog posts 2009-10-19
- Mozilla blocks dangerous MS .NET Firefox add-on
- RE: Mozilla blocks dangerous MS .NET Firefox add-onIf it had to be blacklisted or not I really don't care now. Implementing code without end user permission is enough reason. We all know MS ways so I am glad Mozilla people used this way and hope they keep doing it in...
- Discussion threads 2009-10-19
- Mozilla blocks (then unblocks) dangerous MS .NET Firefox add-on
- The move comes in the wake of an admission from Microsoft that the add-on was exposing users to drive-by malware downloads via a remote code execution vulnerability. by Ryan Naraine
- Blog posts 2009-10-19
- Microsoft exposes Firefox users to drive-by malware downloads
- The Microsoft .NET Framework Assistant add-on that Microsoft sneaked into Firefox without permission from end users is vulnerable to a serious code execution vulnerability. by Ryan Naraine
- Blog posts 2009-10-16
- Patch Tuesday: MS plugs critical IE, Windows Media Player holes
- Is MS going to pay for my Gb/month overage?With ISPs grasping for profits I see the day when the "download cost" of these mega-patches become an issue!RE: Patch Tuesday: MS plugs critical IE, Windows Media Player holesWow, my Microsoft software is sure to be secure now.GOOD JOB!If only other manufacturers...
- Discussion threads 2009-10-13
- New Adobe PDF flaw under attack; Patch coming Tuesday
- Note to all Knuckleheads....The vulnerability affects Adobe Reader and Acrobat 9.1.3 and earlier versions on Windows, Macintosh and UNIXWhy announce at all? Just fix the thingI'm getting really tired of any company that gives the ostensibly obligatory "We're on that!" and then it's some time before the fix comes. These...
- Discussion threads 2009-10-09
- New Adobe PDF flaw under attack; Patch coming Tuesday
- Adobe has confirmed a critical, unpatched vulnerability in its PDF Reader/Acrobat software is being exploited by malicious attackers. by Ryan Naraine
- Blog posts 2009-10-09
- L0phtCrack 6.0.7 (Windows)
- L0phtCrack is back. It's time to audit your passwords. L0phtCrack 6 is the award-winning password audit and recovery tool for Windows and Unix passwords. Security experts from industry, government, and academia agree that weak passwords represent one of the ten most critical internet security threats, and are receiving more attention...
- Software downloads 2009-10-05
- Google Chrome update doesn't remove older, vulnerable version
- But how would an attacker cause the vulnerable code to execute?Frankly, this seems to be a minor issue. If you are launching Chrome you will launch the latest version. The older version is just cruft. I don't see any scenario where you inadvertently or an attacker can execute the older...
- Discussion threads 2009-10-01
- RIM plugs BlackBerry phishing hole
- Software versionIs there anywhere RIM states the software versions that contain the patch? I used their online tool to check my AT&T Bold and it told me v4.6.0.297 that I installed a month ago was the most current software. UselessI got the same result with my Storm. 1 would think...
- Discussion threads 2009-09-30
Neighboring Terms
Premier Vendor Content Whitepapers, webcasts & resources from our Power Center Sponsors
SmartPlanet
- Thought-provoking progressive ideas on diverse topics that intersect with technology, business, and life, and matter to the world at large. Visit SmartPlanet
- More from IBM
-
- How to Drive Better Business Outcomes with Exceptional Web Experiences Download the eBook
- Driving Business Agility through SOA Connectivity & Integration Read the White Paper from IBM
- Linking Decisions and Information for Organizational Performance Read the Tom Davenport study
