Vulnerability: Definition and additional resources from ZDNet

A security exposure in an operating system or other system software or application software component. Before the Internet became mainstream and exposed every organization in the world to every attacker on the planet, vulnerabilities surely existed, but were not as often exploited.

In light of this madness, mostly perpetrated against Microsoft, the architecture of future operating systems has changed. Designing software to be bulletproof against attacks is like building a house where every square inch is fortified with steel and sensors that detect intrusions. Patching an existing operating system written by hundreds of programmers who were not dwelling on this issue when they wrote the code is an onerous job.

Security firms maintain databases of vulnerabilities based on version number of the software. If exploited, each vulnerability can potentially compromise the system or network. For a database of common vulnerabilities and exposures, visit http://icat.nist.gov/icat.cfm. See network security scanner and vulnerability disclosure.

Reproduced with permission from Computer Desktop Encyclopedia.
Copyright (c) 1981-2008 The Computer Language Company Inc.
All rights reserved.

Additional Resources

Google ignores some reported security problems?: Aviv Raff posted a public disclosure of a minor security risk that could be a major problem if used in conjunction with another type of problem. It's true that his discovery isn't really one that by itself should keep you up at night, but it's one that I'm surprised...; Tags: Google Inc., Security, Garett Rogers; Blog posts 2008-10-11
Symantec shows Microsoft how to do UAC: Symantec shows Microsoft how to do UACSo I don't have to wait for Windows 7?The need to wait or upgrade to Windows 7 is looking more dim for Windows Vista users. Microsoft just yesterday announced their intention to improve the user experience for UAC in Windows 7. But with third...; Tags: SECURITY, Web browsers, EXPLORER, UAC, Symantec Corp., Microsoft Corp., Microsoft Windows; Discussion threads 2008-10-10
MS Patch Tuesday heads-up: 11 bulletins, 4 critical: It will be a very busy Patch Tuesday for administrators managing Microsoft Windows computer systems. According to Microsoft's advance notice mechanism, 11 security bulletins will drop next Tuesday (October 14, 2008), covering a wide range of serious vulnerabilities. Four of the 11 bulletins are...; Tags: Vulnerability, Exploit Code, Microsoft Corp., Bulletin, Security, Ryan Naraine; Blog posts 2008-10-09
Opera bitten by 'extremely severe' browser bug: Opera bitten by 'extremely severe' browser bugThanks for the heads upUpgrading to Opera 9.6 now.RE: Opera bitten by 'extremely severe' browser bugDid that yesterday when they released it. However I wish that they could patch the "Clickjecking" vulnerability. I know this "Clickjacking" vulnerability is part of the older HTML spec...; Tags: Web browsers, Microsoft Windows, Opera Software, browser bug, administrative right, Web browser; Discussion threads 2008-10-09
Opera bitten by 'extremely severe' browser bug: Buried in the flurry of feature-related news surrounding the release of Opera 9.6 is the fact that the update fixes an "extremely severe" vulnerability that could expose Opera users to code execution attacks. According to an Opera advisory, which is not mentioned anywhere in Opera's giddy press...; Tags: Opera Software, Web Browser, Applet, Rohlf, Security, Ryan Naraine; Blog posts 2008-10-09

SEC investigating fake Steve Jobs heart attack story: SEC investigating fake Steve Jobs heart attack storyArtificial vulnerability"...these sudden falls in stock price based on speculation and rumor show that Apple is at present very vulnerable, especially when it comes to Steve Jobs and his health."I just like to point out that the perceived vulnerability was created mostly by...; Tags: Vertical industries, Investment, SEC, Steve Jobs, Tweets, Yes Jobs, Liberation; Discussion threads 2008-10-04
Apple releases iTunes 8.0.1; Apple TV 2.2: Apple released iTunes 8.0.1 yesterday. The 58.5MB update includes the following: • Seamlessly plays the current song when creating a new Genius playlist. • Improves syncing spoken menus to iPod nano. • Addresses an issue of deleting HD TV episodes when downloading. • Improves...; Tags: Software, Apple Inc., Apple TV, Apple iTunes, Digital Music, Digital Media, Tools & Techniques, Personal Technology, Consumer Electronics, Management, Jason D. O\'Grady; Blog posts 2008-10-03
What, me worry (about mobile viruses)?: Kaspersky, via PC Magazine, has graciously told the public to worry about mobile phone worms. I'm not worried, and there are many reasons why you shouldn't be concerned... yet. It is commonly accepted that there have been very few pieces of mobile malware that have ever...; Tags: Mobile, Handset, Malware, Cell Phone, Virus, Mobile Malware, Handset Population, Cyberthreats, Spyware, Adware & Malware, Advertising & Promotion, Viruses And Worms, Cellular Phones, Security, Marketing, Consumer Electronics, Personal Technology, Adam O\'Donnell; Blog posts 2008-10-01
Web 2.0: Unprecedented data liabilities for users and businesses: Web 2.0: Unprecedented data liabilities for users and businessesAll Cloud based applications have this vulnerabilityFrom what I have been able to tell putting any type of personal or secret business data on the internet is pretty much the same as publishing it on the front page of every major newspaper...; Tags: Vertical industries, data liability, Internet, Web 2.0, Web; Discussion threads 2008-09-30
Hole in Adobe software allows free movie downloads: Hole in Adobe software allows free movie downloadsWho wrote this?!?Because whoever did needs to take a quick look at their article and proofread it.This article makes it sound like this vulnerability will mean certain death to content providers' business model and no one is going to pay for it unless...; Tags: Digital rights management (DRM), Digital media, Digital music, Fair Use, Adobe Software, movie download, movie, Adobe Systems Inc., software; Discussion threads 2008-09-29
News to know: Debate Hub, Clickjacking; RIM's Q2; Twitter; Slingbox goes HD: Here are today's notable headlines. You can get News To Know via email alert and RSS daily: Andrew Nusca: EXCLUSIVE: C-SPAN launches gadget-fueled ‘Debate Hub' as social, political destination Former Google product manager ‘disappointed' by T-Mobile G1 ...; Tags: Research In Motion Ltd., CNET Networks Inc., Matthew Miller, Twitter, Internet Service Providers (ISPs), Digital Rights Management (DRM), Security, Internet, Sam Diaz; Blog posts 2008-09-26
Memory exhaustion DoS vulnerability hits Google's Chrome: Memory exhaustion DoS vulnerability hits Google's ChromeWhat to do?I can find loads of information on what it is this vulnerability can do. But as a user what can I do to minimize the risk of this happening to my machine?www.GetFirefox.comReally, why even bother with Chrome, especially when there are solid...; Tags: Web browsers, SECURITY, DoS vulnerability, vulnerability, DOS, exhaustion, Google Chrome, Google Inc.; Discussion threads 2008-09-26
Memory exhaustion DoS vulnerability hits Google's Chrome: Aditya K Sood from the EvilFingers community, which disclosed the first Chrome DoS vulnerability at the beginning of the month, has released a proof of concept demonstrating a memory exhaustion DoS vulnerability affecting Google's Chrome versions Chrome/0.2.149.30 and Chrome/0.2.149.29 : "The Google chrome browser is vulnerable to memory exhaustion...; Tags: User Interaction, Google Inc., DOS, Vulnerability, Web Browser, Google Chrome, Memory Exhaustion, Web Browsers, Security, Internet, Dancho Danchev; Blog posts 2008-09-25
Clickjacking: Researchers raise alert for scary new cross-browser exploit: Clickjacking: Researchers raise alert for scary new cross-browser exploitText or graphicremember there use to be a link on web pages if you wanted text only or graphics.that should be put back in placein the wild?"Zero-day" means that the exploit was being used in the wild before a patch was released...; Tags: Web site development, Web browsers, exploit writer, Clickjacking, exploit; Discussion threads 2008-09-25
Anatomy of a Web Attack: How Hackers Threaten Your Web Security: The Web has become the key vector for online attacks - yet the vast majority of businesses are unprotected against today's modern Web-based malware. Hackers have developed a new box of tricks. Today's rapidly evolving Web threats and the instant exploitation of any vulnerability by malware authors...; Tags: Web, Sophos Plc., Malware, Web Security, Hacker, Attack, Channel Management, Spyware, Adware & Malware, Cyberthreats, Security, Viruses And Worms, Marketing; Webcasts 2008-09-25
Cisco mega patch plugs serious IOS vulnerabilities: Today is a very busy patch day for network administrations managing Cisco gear. The networking giant released a whopping 12 bulletins with fixes for a wide range of security vulnerabilities in IOS, the underlying software that powers routers and network switches. Some of the...; Tags: Cisco IOS, Vulnerability, SNMP, Cisco Systems Inc., Series Device, Network Administration, Networking, Ryan Naraine; Blog posts 2008-09-24
Dirty dozen: Firefox ships patch for 12 security flaws: Dirty dozen: Firefox ships patch for 12 security flawsAdobe Flash Beta 10 on Linux Stopped CrashingEvery since build version 3 of Firefox 3.0.2 Adobe 10 beta stopped crashing on Linux 32/64 bit systems. Flash now runs great on this release, except for some minor issues with accelerated graphics and nVidia...; Tags: Web browsers, Viruses and worms, Linux, Mozilla Firefox, keylogger, Dirty, Fox, security flaw, security; Discussion threads 2008-09-24
Dirty dozen: Firefox ships patch for 12 security flaws: Mozilla has released another point update for its flagship Firefox browser to provide fixes for at least 12 documented security vulnerabilities. Some of the flaws put millions of Web surfers at risk of remote code execution attacks. The Firefox 3.0.2 update addresses two issues rated by Mozilla...; Tags: Developer, Mozilla Firefox, Attacker, Vulnerability, Mozilla Corp., Web Browsers, Security, Internet, Ryan Naraine; Blog posts 2008-09-24
Hunt for Palin 'hacker': Journalism or mob mentality?: Hunt for Palin 'hacker': Journalism or mob mentality?So what are you advocating, anarchy?So, are you advocating anarchy where there are absolutely no constraints on moral, ethical, fair and legal behaviour?I am so sick of people who say that it's OK for a person to do something illegal, let alone it...; Tags: Blogging, SECURITY, Koman, blogger, mentality, Palin; Discussion threads 2008-09-23
Can Google out-cool Apple?: Can Google out-cool Apple?It will be interesting to see......what happens when the phone is physically in stores. I think all of this geek talk will go out the window. It doesn't take a geek to pick up the phone, play around with it for a minute and see that its...; Tags: Keyboards, Telecom & Utilities, OPEN SOURCE, COOLNESS, Apple Inc., Apple iPhone, Google Inc., phone; Discussion threads 2008-09-23

Neighboring Terms

Premier Vendor Content Whitepapers, webcasts & resources from our Power Center Sponsors

BNET Industries
Check out BNET's newest resource for managers and executives. Need to do research on your competitors? Don't have time to read every trade pub? BNET Industries is the new source for daily news, insights, and research on 11 major industries and 9,000 public companies.
The technology industry from a different angle
See what's hot in the auto industry
Stay on top of the energy industry

ZDNet Definition for: Vulnerability

Additional Resources

Neighboring Terms

Premier Vendor Content Whitepapers, webcasts & resources from our Power Center Sponsors

Blogs

Product Reviews

Videos

White Papers and Webcasts

Downloads

More

ZDNet News & Blogs

Product Reviews

Product Blogs

White Papers & Webcasts

Downloads