Vulnerability
A vulnerability is a bug or security flaw in an application or operating system that provides the potential for a hacker or virus writer to gain unauthorized access to, or use of, a user’s computer. The hacker does this by writing specific exploit code.
Once a vulnerability has been discovered (either by the developer of the software or someone else) the vendor of the application typically creates a ‘patch’ or ‘fix’ to block the security hole. As a result, vendors, security experts and virus writers are engaged in a never-ending race to find vulnerabilities first.
In recent years, the time-lag between the discovery of a vulnerability and the creation of exploit code that makes use of it has diminished. The worst-case scenario, of course, is a so-called ‘zero-day exploit’, where the exploit appears immediately after the vulnerability has been discovered. This leaves almost no time for a vendor to create a patch, or for IT administrators to implement other defensive measures.
*source: CVE - Common Vulnerabilities and Exposures