ACS Distance Education UK
Software vulnerability control refers to the means of managing vulnerability of software and minimising the possibility of having the vulnerabilities exploited by malicious intent.
Software vulnerability control is considered to be one of the most important steps in securing computer systems and computer networks, for the following reasons:
Some people believe that viruses would not have existed if software did not have multiple vulnerabilities which could be exploited but even if viruses hadn’t existed, there would still be a couple of tools that allow would be used by malicious third-party to obtain unlawful access to information systems and cause widespread damage, these tools are:
It is also possible to gain unauthorized access to computer networks if firewalls are not setup or if they are setup but not configured properly. Firewalls will be explained in more detail in lesson six.
To limit the scope of vulnerability for viruses and Trojan horses on computer and information systems, some of the following counter measures can be adopted:
Running virus protection software
Every organisation should purchase and install virus scan software on all their computers and servers. After installing the software, it is important to set it up and configure it properly, so that any virus that attempts to infiltrate their computer systems can be detected and caught.
Any virus scan software can only detect viruses that are stored in its own database. This means that the software will not be able to detect any new or unknown viruses that haven’t been loaded into its database. For this reason, it is important to constantly apply patches to the software and to keep the virus database updated with automatic updates. Patches will help reduce the vulnerabilities that virus programs try to exploit, and updating the virus database will allow the virus scan software to download the latest virus definition and become aware of any newly discovered viruses.
To maximise the operation efficiency of the virus scanning software, it should be setup to perform the following operations:
Updating security patches for Software
Before you can update the security patches for all software in an organisation, you need to follow a couple of steps, such as: