Security Solutions India


Access Control & Security Systems Online Directory



Browse Categories

Asset Protection

Data and Information Security
Software and Security

You are here: Home >>Computer and Information security>>Software Vulnerability control

Software Vulnerability Control

A software vulnerablilty is some defect (commonly called a "bug") in software which may allow a third party or program to gain unauthorized access to some resource. Software vulnerability control is one of the most important parts of computer and network security for the following reasons.

  • Virus programs use vulnerabilities in operating system and application software to gain unauthorized access, spread, and do damage.
  • Intruders use vulnerabilities in operating system and application software to gain unauthorized access, attack other systems, and do damage.
  • Some software itself may be hostile.


There are several countermeasures that may help ensure that unauthorized and possibly hostile virus or trojan software does not run on your systems. These countermeasures also limit the scope of the vulnerability. Countermeasures include:

  • Run virus scan software on every organizational computer and update the virus scan database at least twice per week. Perform a full scan at least once per week.
  • Keep software security patches updated - Get on computer security advisory mailing lists and update applicable software. With some systems such as Windows systems you can set up a server to automatically update systems on your network. One way to do thin in Windows 2000 systems and above is to use a systems update server (SUS) and set your Windows domain policies to have all computers regularly updated with approved updates as they are released by Microsoft.
  • Only allow approved software to be run on your computer systems so hostile trojan programs are not run. This may involve locking your users down so they cannot install software on their computer systems.
  • Limit services on all servers and workstations to the minimum required. Be sure the network administrator is aware of all operating services especially on all servers.
  • Run vulnerability scanners both inside and outside your network to find computers with vulnerabilities so you will know which ones need patched. The cost of this should be weighed against the security need.

Running Virus Scan Software

Virus scan software should be run on every computer within the organization. This will detect known viruses when they attempt to infiltrate the system if the virus scan software is setup correctly. Keep in mind however that virus scan software will only detect viruses in its database, so there are two concerns:

  • Unknown viruses will not be stopped by the scanner - This is why patching applications is very important. Patching applications will help eliminate the vulnerabilities that virus programs will exploit.
  • The virus database must be updated at least weekly so as new viruses are discovered, they will be found by your virus scanner programs. these updates may be downloaded from the maker of the virus scan software. They are normally executable files which update the database on the client computers. The executable file can be placed in the user's network login script program so it will run when they boot their system. In some cases it may be best to test the virus update before runing it on the entire system.

To be most effective, virus scanner programs should be set up to do the following:

  • Perform regular weekly or monthly scans of the entire computer system's local drives.
  • Scan all files when a scan is performed and don't allow any exclusions of any directories such as the recycle bin.
  • Be sure to prompt for user action when a virus is found. this way the user is more likely to be aware of where the virus came from and they can call your IT staff.
  • Set the system to scan files when a file is run, copied, renamed or created.
  • Set up e-mail scanning to scan e-mail attachments. this can also be done at the firewall, but should be done at least either at the firewall or on all client computers. Scanning at both locations may be a good idea if it is feasible.
  • You may also want to scan web content for hostile content either at the firewall or client computer depending on your setup. You should know that scanning for hostile e-mail or web content on the firewall may overburden your firewall. Many firewall organizations recommend that the scanning be done on a separate computer. How this is done will depend on your situation, but you should at least determine the process load on the firewall before adding this capability.

Related Topics on Computer and Information security

  1. Software Vulnerability Control
  2. Firewall Protection
  3. Network Intrusion Detection
  4. Network Port Scanning
  5. Network Tools passwords
  6. Types of attacks
  7. Application Level Protection
  8. Systems Protection
  9. Mail and Security
  10. Hostile Software

For more topics and tutorials visit -

Browse the subcategories

Computer And Information Security
CCTV, Surveillance Systems, Equipment & Components
Access Control Components, Equipment And Systems
Alarms, Burglar, Electronic Systems, Equipment & Components
Fire Protection, Detection & Controls
Intrusion Detection
Perimeter Security, Fences, Ballistic
Security & Specialty Services
Security Design Services
Facilities Systems

Find Products for :-


Find Solutions for:-
Complete information on security services, guarding services, investigators, detectives and security systems. We also have a online directory guide of the companies providing services the above services in different states of India like Delhi, Mumbai, Gurgaon, Banglore, Noida etc.


A Directory on Insurance as well as Insurance related topics updated to the latest. A total solutions site for your basic to advanced Insurance needs


Want a loan? Learn the pros and cons for taking a loan and lots of information for your finance problems.


Plan a trip to India! Visit the beautiful, culture rich country having diverse climates, castes, languages and creed. Each visit will add a new experience in your life, select your tour and make a trip to India with us



  © Copyright 2005. securitysolutionsindia. All Rights Reserved.