2.5.2 Software Exploitation

Most computer code has bugs and vulnerabilities of some kind. This can be due to an error by the programmer, or it can be due to weaknesses in the underlying operating system. Either way, with knowledge of the weakness and some hacking skill, an attacker can compromise a program, forcing crashes or hijacks, or in the worst case stealing data.

The strongest defense against software exploits is to keep current on security patches. Most of the damaging viruses and worms of the last decade struck after patches that fixed the underlying flaws were already available, but before local administrators had installed them. In the remainder of the cases, patches and fixes were published almost immediately after the exploit was discovered. Still, the tendency is to fall behind on security updates, and this creates vulnerabilities.

Application Hardening

Application hardening prevents software exploitation, particularly when software patches have not yet been developed or deployed. Disabling modification of executable files prevents attackers from tricking the application into creating executable files infected with worms. Similarly, disabling the spawning functionality prevents a process-spawning attack, in which the application is tricked into spawning executable files. Application hardening also prevents modification of critical operating system files.
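
One way to check the first of these controls on a POSIX system is to audit an application's directory tree for executables that an account other than the owner could modify or replace. This is an added example, not part of the original text; the function names and the sample layout are hypothetical, and it assumes standard POSIX permission bits.

```python
import os
import stat
import tempfile

WRITABLE_BY_OTHERS = stat.S_IWGRP | stat.S_IWOTH
ANY_EXEC = stat.S_IXUSR | stat.S_IXGRP | stat.S_IXOTH

def audit_executables(root):
    """Return sorted (relative_path, reason) for executables under root that
    an account other than the owner could modify or replace."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        dmode = os.lstat(dirpath).st_mode
        # A group/world-writable directory allows replacing its files, unless
        # the sticky bit limits deletion and renaming to the owners.
        dir_open = bool(dmode & WRITABLE_BY_OTHERS) and not dmode & stat.S_ISVTX
        for name in files:
            path = os.path.join(dirpath, name)
            mode = os.lstat(path).st_mode
            if not stat.S_ISREG(mode) or not mode & ANY_EXEC:
                continue  # only regular files with an execute bit
            rel = os.path.relpath(path, root)
            if mode & WRITABLE_BY_OTHERS:
                findings.append((rel, "file writable by group/other"))
            elif dir_open:
                findings.append((rel, "directory writable by group/other"))
    return sorted(findings)

def build_sample_tree(root):
    """Constructed sample layout: (directory, dir mode, file, file mode)."""
    layout = [("bin", 0o755, "good", 0o755), ("bin", 0o755, "bad", 0o777),
              ("bin", 0o755, "notes.txt", 0o666), ("drop", 0o777, "tool", 0o755),
              ("tmp", 0o1777, "tool", 0o755)]
    for d, dmode, f, fmode in layout:
        os.makedirs(os.path.join(root, d), exist_ok=True)
        path = os.path.join(root, d, f)
        with open(path, "w") as fh:
            fh.write("#!/bin/sh\n")
        os.chmod(path, fmode)               # explicit chmod ignores the umask
        os.chmod(os.path.join(root, d), dmode)

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)
        for rel, reason in audit_executables(tmp):
            print(f"{rel}: {reason}")
```

An empty result means no executable in the tree can be altered through group or world write permissions; it does not cover ACLs or a compromised owner account.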