12 Days of Cryptmas: Day 9 – Nine software vulnerabilities


A software vulnerability is a defect in software that an attacker can use to compromise the confidentiality, integrity or availability of a system, in the worst case gaining control of it outright.

The defects that cause software vulnerabilities can stem from flaws in how the software is designed, mistakes in its source code, poor handling of data or access-control settings within the application, or any other weakness an attacker could exploit.

To take advantage of a vulnerability, an attacker must first find it. There are many ways to do this. One common technique, for example, is to run a port scanner such as the open source tool Nmap, which can identify which services are listening on a server or workstation, often with their version numbers, and can even fingerprint the operating system. With that information, the attacker can check whether those service versions or that operating system are affected by any publicly known vulnerabilities.

Then, the attacker must devise a way to exploit the vulnerability. Exploit methods vary widely, but they may involve injecting malicious input or code into an application, or bypassing its access controls. Some vulnerabilities can be exploited remotely, meaning the attacker can trigger them over the network; others require local access to the host, such as an existing low-privileged account, or physical access to the infrastructure that runs the vulnerable software.

If the exploit succeeds, the attacker gains the ability to perform malicious actions within the compromised application or its host system. Depending on the nature of the vulnerability, this can include exfiltrating sensitive data, running arbitrary commands, planting malware or disrupting critical services.

The best way to deal with a software vulnerability is to prevent it from being introduced in the first place. Developers need to learn secure coding practices, and automated security testing must be built into the entire software development process.

Even so, it's impossible to guarantee that the code your business depends on is free of vulnerabilities. For that reason, it's important to use vulnerability scanning: automatically checking application source code, third-party components and binaries, and the hosts they run on, against databases of publicly known vulnerabilities. When a scanner finds a component whose version is known to be vulnerable, it alerts the developers or administrators so they can fix the issue.

Vulnerability scanners don't detect every vulnerability; in particular, they cannot catch issues that have not yet been publicly identified or disclosed, since they match against what is already catalogued. But they do catch the large class of known, already-disclosed vulnerabilities in components you have not yet patched, which is where most opportunistic attacks concentrate.

Once you've detected vulnerabilities, assess how severe each one is. Severity depends on how much harm the vulnerability can cause and how easy it is to exploit, including whether a working exploit is publicly available or already being used by attackers. A scoring scheme such as CVSS gives a baseline, but the order in which you fix issues should also reflect how exposed the affected system is in your environment.

Finally, formulate and execute a plan for mitigating each vulnerability. The process varies with the nature of the issue, but in most cases the fix is one of three things: correcting your own source code, applying a vendor patch, or upgrading to a newer version of the vulnerable component. If no fix is available yet, or you cannot apply it immediately, you can still reduce the risk of exploitation by changing the application's configuration so that the conditions the exploit requires are not present, for example by disabling the vulnerable feature or restricting network access to the affected service.
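The detect, prioritise and mitigate cycle described above, in working form. This is an added example and not code from the Netier post: a toy scanner that takes an inventory of installed components (the kind of product-and-version list a service-detection scan like the Nmap step earlier, or a software bill of materials, would produce), matches it against an advisory database, ranks the findings with actively exploited issues first and then by severity score, and emits a remediation line that names the fixed version or, where no fix exists, the configuration workaround. Every product name, version, advisory identifier and score in it is constructed for illustration; none refers to a real CVE or a real product.

```python
"""Toy vulnerability scan, triage and remediation plan.

Added example, not code from the original post. Every product, version,
advisory identifier and score below is constructed for illustration; none
refers to a real CVE or a real product.
"""
from dataclasses import dataclass
from typing import Optional


def parse_version(v: str) -> tuple:
    """'2.4.51' -> (2, 4, 51). Tuples compare numerically, so 2.4.9 < 2.4.51,
    which a plain string comparison would get wrong."""
    return tuple(int(part) for part in v.split("."))


@dataclass(frozen=True)
class Advisory:
    advisory_id: str       # constructed ID, not a real CVE
    product: str
    introduced: str        # first affected version (inclusive)
    fixed: Optional[str]   # first fixed version (exclusive); None = no fix yet
    cvss: float            # severity, CVSS-style base score 0-10
    exploited: bool        # public exploit known to be used in the wild
    workaround: str        # config change that removes the exploit precondition


@dataclass(frozen=True)
class Finding:
    host: str
    product: str
    version: str
    advisory: Advisory

    def priority(self) -> tuple:
        # Sort key: actively exploited issues first, then by severity score.
        return (self.advisory.exploited, self.advisory.cvss)

    def remediation(self) -> str:
        adv = self.advisory
        if adv.fixed is not None:
            return f"upgrade {self.product} to {adv.fixed} or later"
        return f"no fix available: {adv.workaround}"


def is_affected(adv: Advisory, version: str) -> bool:
    """True when version lies in the half-open range [introduced, fixed)."""
    v = parse_version(version)
    if v < parse_version(adv.introduced):
        return False
    if adv.fixed is not None and v >= parse_version(adv.fixed):
        return False
    return True


def scan(inventory, advisories):
    """Match every installed component against every advisory for that product,
    returning findings with the highest priority first."""
    findings = [Finding(host, product, version, adv)
                for host, product, version in inventory
                for adv in advisories
                if adv.product == product and is_affected(adv, version)]
    return sorted(findings, key=Finding.priority, reverse=True)


# Constructed advisory database (hypothetical products and identifiers).
ADVISORIES = [
    Advisory("EX-2024-0001", "examplehttpd", "2.4.0", "2.4.50", 9.8, True,
             "disable mod_example in the server config"),
    Advisory("EX-2024-0002", "examplehttpd", "2.4.0", "2.4.52", 5.3, False,
             "restrict access to /status to trusted networks"),
    Advisory("EX-2024-0003", "exampledb", "13.0", None, 7.5, False,
             "bind exampledb to localhost only and require authentication"),
]

# Constructed inventory: (host, product, version) as a service-detection scan
# or an SBOM would report it.
INVENTORY = [
    ("web-01", "examplehttpd", "2.4.49"),
    ("web-02", "examplehttpd", "2.4.51"),
    ("db-01", "exampledb", "13.2"),
    ("db-02", "exampledb", "12.9"),
]


def remediation_plan(inventory=INVENTORY, advisories=ADVISORIES):
    """One line per finding, most urgent first."""
    return [f"{f.host}: {f.advisory.advisory_id} ({f.advisory.cvss}"
            f"{', exploited' if f.advisory.exploited else ''}) -> {f.remediation()}"
            for f in scan(inventory, advisories)]


if __name__ == "__main__":
    for line in remediation_plan():
        print(line)
```

Two details matter in practice and are easy to get wrong in home-grown scripts: versions must be compared as numeric tuples rather than strings, or 2.4.9 will be treated as newer than 2.4.51, and affected ranges must be half-open, so the first fixed version itself is reported as clean. Note also that db-02 on version 12.9 produces no finding because it predates the affected range, while db-01 is flagged with a workaround rather than an upgrade because the constructed advisory has no fix yet.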

This time of year can be stressful; your bank account doesn't need the added stress of giving presents to scammers. Contact us at Netier today to discuss how we can help manage security for you.
