This chapter describes how with the proliferation of internet users, internet-related security threats are also increasing rapidly because of the software vulnerabilities that arise in software. Basically, there are two terms: bug and vulnerability. No doubt, bug and vulnerability are due to programming errors but vulnerabilities are more dangerous than bugs. Software vulnerability is a kind of flaw that arises in software or is a hole in the security of the software that allows an attacker to exploit that flaw. Unlike bugs, software vulnerability can affect a whole network thereby allowing unauthorised access to the database itself. Integrity and confidentiality of the software product is compromised due to the software vulnerability. These flaws must be patched in order to minimalize the impact of software vulnerability on an organisation. This chapter familiarises the methods of managing software vulnerabilities and discusses mitigation of the risks of different vulnerabilities in a software.
TopIntroduction
A software vulnerability is a flaw in the software due to which the security of the system is compromised. Buffer overflow is one of the vulnerabilities that arises in software systems. This flaw makes the system unresponsive or results in system crash especially when the file is opened by the user and that is too heavy for the program to read. However, these commonly encountered flaws become a major cause of security concern when vulnerability is uncovered and the research is conducted about it. Sometimes a malicious user gets control over the administrator privileges and infects the whole system with malware. All software’s or all operating systems comprises of vulnerabilities. A malicious user can easily target the software vulnerabilities even if the software is not showing any sign of attack (DongIlSeo,2013).
Vulnerability management involves the cyclical practice of identification, classification, remediation, and mitigation of vulnerabilities. Repetition of this process helps in mitigating the vulnerabilities in the software effectively. The term vulnerability is often confused with a risk. No doubt, a risk can lead to significant loss as that of a vulnerability but it is not mandatory that all vulnerabilities will involve a risk. There can be vulnerabilities without risk especially when the affected asset has no value. An exploitable vulnerability is basically a vulnerability with one or more instances of fully implemented attacks. An exploit exists for an exploitable vulnerability. An exploit is a code that an attacker creates to target a software vulnerability in applications like multimedia, security programs. There is also a window of vulnerability that decides a time between when a security flaw is introduced in the system that compromises system security and the time when an attacker is disabled. Apart from software vulnerabilities, vulnerabilities can also exist in hardware, site or personnel.
Figure 1 shows the vulnerability management. An attacker can attempt to target a vulnerability in many ways. An exploit is responsible for dropping a malware onto the vulnerable system. This is basically a code that is created in order to target the software vulnerability. After the successful execution of the exploit, a copy of the malware is dropped into the malware system.
Figure 2. Impact of software vulnerabilities
Figure 2 shows the impact of software vulnerabilities.
TopHow Does Intelligence Help In Reducing The Risk Of Software Vulnerability?
Many programming languages comprises of vulnerabilities. For instance, an adobe flash player is supported by java programming language. This program sometimes prompts the user to download plug in and that plug in contains within it a malicious code that takes advantage of the vulnerability in the system thereby compromising it.
It is not mandatory that all software vulnerabilities will infect the system with malware. Actually, there is a term named “Vulnerability Intelligence” that makes use of intelligence in managing software vulnerabilities. The concept of vulnerability intelligence takes into account only those vulnerabilities that can really affect an organization or compromises with its security. First, there is a need to filter only those vulnerabilities that can really affect the system or an organization. In this way, these focused vulnerabilities will assist in improving an overall performance of the software system and also mitigating its level of risk (Zavarsky, 2011).
Figure 3. Role of vulnerability intelligence in risk mitigation