Vulnerabilities 101

"Vulnerabilities" in the context of computer security refers to any implementation or design flaw that can lead a program to execute code or deliver results not originally intended by the author. These flaws can lead to a number of different scenarios including:

• Crashing (or disabling) a running program
• Disclosing sensitive information
• Running code supplied by an attacker
• Escalating privileges to gain access to restricted resources

An example of a security vulnerability is the Microsoft RPC/DCOM vulnerability that was found in Aug 2003. This is a flaw in a core part of all the modern MSWindows operating systems that allows a remote attacker to run code of their choice as the LocalSystem user (the highest privileges in Windows). This effectively means that the computer can be completely controlled by someone from across the internet without the knowledge of the legitimate user. More details about this vulnerability can be found here.

Since most people retain physical control of their computer under normal circumstances, the most significant vulnerabilities for the home user are the ones that are remotely exploitable. There are a number of ways that a vulnerability on your home computer can be exploited remotely:

• Through the web browser
• Through an email client
• Directly from the network
• Through any other program that gets data from the internet

Security vulnerabilities are actively exploited internet-wide usually with little discrimination of targets. If your computer is vulnerable and unprotected on the internet, it is likely to be exploited regardless of the value of information on it. A hacker can use your computer to cover the tracks of other illegal activity, to assist in CPU intensive operations such as password cracking, or to serve illegal or objectionable content to others.

The good news is that you can do something to prevent the exploiting of vulnerabilities on your computer. At minimum the following are required to maintain basic security of any home computer that connects to the internet:

• Keep your operating system up to date
  For most people this means regularly visiting the updates webpage for the operating system that you use. For example:
  • Windows Update
  • RedHat Errata
• Use a firewall
  A firewall protects your computer at the network level by controlling what programs are allowed to connect in and out using the internet. A properly set up hardware or software ("personal") firewall is a must for connecting to the Internet.
• Stay virus free
  Virii and worms can put your computer at greater risk of compromise by opening new vulnerabilities or announcing to other computers that they are vulnerable by attempting to spread. Install a quality anti-virus package and keep it up to date.