November 11, 2010

Software vulnerabilities in computing!!

In computer security, a vulnerability is a weakness which allows an attacker to reduce a system's information assurance.

A software vulnerability, commonly called a "bug", is a flaw in software which may allow a third party or program to gain unauthorized access to some resource. Software vulnerability control is one of the most important parts of computer and network security for the following reasons:
  • Virus programs use vulnerabilities in operating system and application software to gain unauthorized access, spread, and do damage.
  • Intruders use vulnerabilities in operating system and application software to gain unauthorized access, attack other systems, and do damage.
  • Some software itself may be hostile.

If software vulnerabilities did not exist, I believe that viruses would not exist and gaining any unauthorized access to resources would be very difficult indeed.

A vulnerability may be due to weak security rules, or to a problem within the software itself. In theory, all computer systems have vulnerabilities; whether or not they are serious depends on whether or not they are used to cause damage to the system.

A software vulnerability is a state in a computing system (or set of systems) which either:
  • allows an attacker to execute commands as another user
  • allows an attacker to access data that is contrary to the specified access restrictions for that data
  • allows an attacker to pose as another entity
  • allows an attacker to conduct a denial of service

When an attack is made possible by a weak or inappropriate security policy, this is better described as 'exposure':

An exposure is a state in a computing system (or set of systems) which is not a universal vulnerability, but either:
  • allows an attacker to conduct information gathering activities
  • allows an attacker to hide activities
  • includes a capability that behaves as expected, but can be easily compromised
  • is a primary point of entry that an attacker may attempt to use to gain access to the system or data
  • is considered a problem according to some reasonable security policy

When trying to gain unauthorized access to a system, an intruder usually first conducts a routine scan (or investigation) of the target, collects any 'exposed' data, and then exploits security policy weaknesses or vulnerabilities. Vulnerabilities and exposures are therefore both important points to check when securing a system against unauthorized access.

Only approved software should be operated on the organization's network. This is so hostile programs cannot gain access to the network. Hostile programs may be written with some useful functionality, but may perform a hidden task that the user is not aware of. This type of hostile program is normally called a "Trojan Horse". The ways to help determine whether a program is hostile may include:
  • Does the program come from a reliable source?
  • Is there proof that the program came from the source such as a digital signature?
  • If the source code is available for the program, the code may be checked to be sure there is no hostile content.
  • A reliable third party may be able to check out the software and certify that it is safe.
  • Does the creator of the program attempt to hide their identity? If the creator of the program attempts to hide their identity then there may be reason for suspicion. If the program creator does not hide their identity and can be reached, it is less likely that the program is a hostile program.
  • Has this program been run by other people or organizations for some period of time with no adverse consequences?
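One way to enforce the "only approved software" rule and the proof-of-source check above is a hash allowlist. This is an added example, not code from the original post: the file names and contents are constructed, and it assumes the manifest of approved digests was itself obtained from a trusted source (for example, alongside a verified digital signature).

```python
import hashlib
import hmac
import tempfile
from pathlib import Path

def sha256_file(path, chunk_size=65536):
    """Hash a file in chunks so large binaries are not loaded into memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(chunk_size), b""):
            h.update(chunk)
    return h.hexdigest()

def parse_manifest(text):
    """Parse sha256sum-style lines: '<hex digest>  <file name>'."""
    approved = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue  # skip blank lines and comments
        digest, name = line.split(None, 1)
        approved[name.lstrip("*")] = digest.lower()
    return approved

def audit(directory, approved):
    """Label each file as approved, modified or unapproved; list missing ones."""
    report = {}
    for path in sorted(Path(directory).iterdir()):
        if not path.is_file():
            continue
        expected = approved.get(path.name)
        if expected is None:
            report[path.name] = "unapproved"   # never reviewed
        elif hmac.compare_digest(sha256_file(path), expected):
            report[path.name] = "approved"
        else:
            report[path.name] = "modified"     # name matches, content does not
    for name in approved.keys() - report.keys():
        report[name] = "missing"
    return report

def demo():
    # Constructed sample: approve two files, then alter one and add a third.
    with tempfile.TemporaryDirectory() as d:
        root = Path(d)
        (root / "editor.bin").write_bytes(b"approved build 1.0")
        (root / "backup.bin").write_bytes(b"approved build 2.3")
        manifest = "".join(f"{sha256_file(p)}  {p.name}\n" for p in root.iterdir())
        (root / "backup.bin").write_bytes(b"approved build 2.3 + hidden task")
        (root / "game.bin").write_bytes(b"never reviewed")
        return audit(root, parse_manifest(manifest))
```

A "modified" result is the Trojan Horse case described above: the program still carries an approved name, but its content is no longer what was reviewed.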

Computer security is not an exact science and it is a matter of reducing the chance of an intrusion. Probably the best method of being sure of the reliability of a program is to allow a reliable third party to check the program. I believe it is likely that these services may become more popular in the future. Program writers may even send source code to these service providers for certification with source code covered by a nondisclosure agreement.

6 comments:

Do you recommend keeping Windows Firewall or a third-party anti-virus or firewall program to fight this type of vulnerability?

Are vulnerabilities applicable only to applications and programs, or are they applicable to operating systems? Is there any vulnerability in Windows 7?

Is there any Antivirus program to detect these flaws and to protect the computer data and resources from being damaged with these kind of viruses?

@Email Client Support: Windows Firewall is better than no firewall, but it doesn't offer the same protection as a third-party product. Microsoft recommends that you install security software: http://tinyurl.com/VirusTexpert

@PC Optimization: Yes, recently Microsoft warned users of Windows 7 Aero and IE vulnerability in Windows Shell Could Allow Remote Code Execution and information disclosure!

@Hardware Texpert: No, unknown viruses will not be stopped by the antivirus; patching applications will help eliminate the vulnerabilities that virus programs will exploit.

Using a digital signature is usually advised, as it helps in encryption and decryption, and also authentication. It really helps if you recognize the source of the message. Many people just don't care unless they have some such data to share.
