Vulnerability Exposure And Security Exposure - 1593 Words

According to Microsoft, a â€Å"vulnerability is a security exposure that results from a product weakness that the product developer did not intend to introduce and should fix once it is discovered† (Microsoft, 2015). A vulnerability is a flaw in an asset which could be exploited by a threat. Where there is a window of vulnerability, there is always a threat. Vulnerability exposure is one of the most important security issues Information Technology managers face. â€Å"An information security ‘exposure’ is a system structure issue or a fault in software that allows access to information or capabilities that can be used by a hacker as a stepping-stone into a system or network† (CVE, 2013). With the globalization of the internet, vulnerabilities in†¦show more content†¦Patches can be conveyed in three diverse ways; as a patch to the source code of a program, a patch to the compiled binary code, and a complete ï ¬ le(s) replacement (White, 2007). Developers will release patches as vulnerabilities arise; the patches can be received through a global wide area network (WAN). This allows the users to update their systems as soon as possible after a vulnerability is found. Patch management involves making sure that that all of the released patches from vendors are installed in a timely manner, at both an operating system and application level (Vacca, 2013). This includes managing these updates according to the organizations’ business schedule and having emergency procedures set in place in the event of an outbreak. Patching vulnerabilities may be time consuming, this is why many IT managers, IS managers and the general consumer need to be proactive in managing their systems. Patches may be created in various sizes from just a few kilobytes to hundreds of megabytes. Service packs (SP) are issued by developers when the sizes of the individual patches reach a limit. Typically anything over 100 megabytes in Microsoft is considered a service pack. Many administrators wait for the service pack to be released rather than individual patches. Developers release patches and updates rather frequently, for example, Microsoft