Most computer users must have heard of the three terms: Vulnerability, Exploits, and Exploit Kits. You may also know what they mean. Today we will see what are Security Vulnerabilities and what are Zero-day vulnerabilities.
What is a Security Vulnerability
A computer security Vulnerability is a ‘hole‘ in any software, operating system or service that can be exploited by web criminals for their own benefits. There is a difference between bugs and vulnerabilities, though both are the result of programming flaws. A bug may or may not be dangerous for the product. A Software Vulnerability, however, has to patched as soon as possible, as web criminals can take advantage using the vulnerability. A bug fix can wait as if it does not help web criminals in compromising the product. But a vulnerability, which is a bug that is open to people, can use it to gain unauthorized access to the product and via the product, to different parts of a computer network, including the database. Thus a vulnerability has to be addressed urgently, to prevent exploitation of the software or this service. Some of the recent examples of Vulnerabilities are Shellshock or BASH vulnerability, Heartbleed and the POODLE vulnerability.
Microsoft defines a Vulnerability as follows:
A security vulnerability is a weakness in a product that could allow an attacker to compromise the integrity, availability, or confidentiality of that product.
It then breaks down the definitions to make it easier to understand it – and lays down four conditions for anything to be classified as a vulnerability:
- A weakness in a product refers to any type of weakness, and we can term it overall as a bug. As explained above, a vulnerability is definitely a bug, but a bug need not be a vulnerability all the times. A lower cipher strength can be a weakness of the product. An unwarranted additional code may be a weakness that makes the product longer to respond. There can be many examples.
- Integrity of Product means trustworthiness. If the above weakness is bad enough that it allows exploiters to misuse it, the product is not integrated enough. There is a question mark as to how safe is the product.
- Availability of the Product again refers to the weakness whereby an exploiter can take over the product and deny access to it for authorized users.
- Confidentiality of the Product is keeping the data secure. If the bug in the system allows for unauthorized people to collect others’ data, it is termed vulnerability.
Thus, according to Microsoft, a bug has to meet the above four criteria before it can be termed as a vulnerability. A normal bug fix can be created with ease and may be released with service packs. But if the bug meets the above definition, it is a vulnerability. In such a case, a security bulletin is issued, and a patch is made available as soon as possible.
What is a zero-day vulnerability
A zero-day vulnerability is previously unknown vulnerability in software, which gets exploited or attacked. It is called zero-day, since the developer has had no time to fix it, and no patch has been released for it yet. Using the Enhanced Mitigation Experience Toolkit on Windows is a great way to protect your system against zero-day attacks.
Secure & protect yourself against Vulnerabilities
The best way to protect yourself against vulnerabilities is to ensure that you install updates and security patches for your operating system as soon as they are released, as well as ensure that you have the latest version of any software installed on your Windows computer. If you have Adobe Flash and Java installed on your computer, you will have to take particular care to ensure that you install their updates as soon as possible, as they are among the most vulnerable software and are a commonly used vector – and vulnerabilities in them are being discovered every other day. Also, ensure that you install a good Internet security software. Most such software includes a Vulnerability Scan feature that scans your operating system and software and helps you fix them in a click.
There are several other software that can scan your computer for vulnerabilities in your operating system and installed software. Secunia Personal Software Inspector, SecPod Saner Free, Microsoft Baseline Security Analyzer, Protector Plus Windows Vulnerability Scanner, Malwarebytes Anti-Exploit Tool and ExploitShield are some of the better known free tools available for Windows. These tools will scan your computer for operating system vulnerabilities & unprotected fragments of program code, and typically detect vulnerable and out-dated software and plug-ins which expose your otherwise updated & secure Windows computer to malicious attacks.
Tomorrow we will see what are Exploits and Exploit Kits.