Better Vulnerability Management is Essential for Data Security


Imagine if a gang of burglars arrived on your street and started going from house to house each night testing windows and doors to see if any of them could be forced open. While many houses would be perfectly secure, it’s likely that there would be one or two — especially on a long street — that could be burglarized in this way.

This analogy can be applied when we think about software vulnerabilities. A software vulnerability is any software flaw that manifests itself in a way that can be exploited by bad actors. A software bug, by contrast, is simply a part of a piece of software that doesn’t behave exactly as intended, and most bugs are just minor annoyances to users. A vulnerability, on the other hand, poses a serious threat to data privacy and system integrity as a whole.

The difference between the burglar analogy and real cybersecurity vulnerabilities has to do with scale. Many cities have a crime problem, but fortunately not every street has a gang of criminals constantly going house to house trying to break in. Such incidents are statistically rare. Software vulnerabilities are another story. Cybercriminals are always looking to exploit new vulnerabilities, and with upward of 23,000 vulnerabilities discovered each year, they have plenty of opportunities to capitalize.

The vulnerability problem

In most cases, software vulnerabilities can be plugged using patches. Patches refer to software updates, usually distributed via downloads, that rewrite problematic parts of a piece of software so as to fix the flaw. Like cyberattackers — only this time fighting on the side of good — reputable developers are constantly on the lookout for vulnerabilities in their own software.

When these vulnerabilities are discovered, a good developer will create a patch and push it out to users. By keeping on top of security-focused updates, users can keep themselves protected.

Problem solved, then? Sadly, it’s not quite as simple as that. Keeping on top of patch management can be a major headache. No user will use every piece of software in existence, of course, but most will rely on several dozen software packages. Downloading and installing software…
