Exploit
Monday, September 28, 2009 11:00In the security arena, an exploit means a program, procedure, or a technique used to take advantage of a security vulnerability or hole in a computer program or application. Basically, it is a form of attack against a computer system which takes advantage of known weaknesses.
A special type of exploit called a Zero-Day Exploit is an attack method that takes advantage of an unknown weakness or a vulnerability that has just been announced before a patch for the weakness has been developed or distributed to users of the software program or application.
The big issues with exploits is that the time between when the vulnerability or weakness is discovered and an exploit is developed or written is getting shorter as time goes by. To keep up with vulnerabilities and exploits, it is good to sign up for one of the many e-mail lists that track them. Information is key to being aware of security issues. One of my favorite vulnerability newsletters is SANS.org which has a number of e-mail lists including @Risk: The Consensus Security Alert which I find very useful in keeping up with vulnerabilities and related information.
Related posts: