In computer security, a vulnerability is a weakness which allows an attacker to reduce a system’s information assurance. Vulnerability is the intersection of three elements: a system susceptibility or flaw, attacker access to the flaw, and attacker capability to exploit the flaw.
Vulnerabilities – within an operating system (OS) or an application – can result from:
- Program errors
Whereby an error in the program code may allow a computer virus to access the device and take control
- Intended features
Legitimate, documented ways in which applications are allowed to access the system
If vulnerabilities are known to exist in an operating system or an application – whether those vulnerabilities are intended or not – the software will be open to attack by malicious programs.
Eliminating System Vulnerability
Of course, it’s possible to design an OS in a way that prevents new or unknown applications from gaining reasonably broad or complete access to files stored on the disk – or getting access to other applications running on the device. In effect, this type of restriction can boost security by blocking all malicious activity. However, this approach will also impose significant restrictions on legitimate applications – and that can be very undesirable. (Source: Kaspersky Lab)