Relationship between vulnerability and specific system environment and its time-related characteristics
Vulnerabilities will affect a wide range of hardware and software devices, including the operating system itself and its supporting software, network client and server software, network routers and security firewalls. In other words, there may be different security vulnerabilities in these different hardware and software devices. Different kinds of hardware and software devices, different versions of the same device, different systems composed of different devices, and the same system under different settings will have different security vulnerabilities.
Vulnerability is closely related to time. From the day a system is released, with the in-depth use of users, the vulnerabilities of the system will be constantly exposed, and these previously discovered vulnerabilities will be continuously fixed by patches issued by system suppliers, or corrected in new versions of the system released later. The new system will introduce some new vulnerabilities and errors while correcting the vulnerabilities of the old version. Therefore, with the passage of time, old loopholes will continue to disappear and new loopholes will continue to appear. The problem of loopholes will also exist for a long time.
Therefore, it is meaningless to discuss vulnerabilities without specific time and specific system environment. We can only talk about the possible loopholes and feasible solutions in the actual environment, such as the operating system version, the software version running on it, and the service operation settings of the target system.
At the same time, it should be noted that the study of vulnerabilities must follow the latest development of computer systems and their security issues. This is similar to the research on the development of computer viruses. If you can't master new technology at any time in your work, you have no right to talk about system security vulnerabilities, and even your previous work will gradually lose value.
Second, the relationship between vulnerabilities and computer systems with different security levels.
At present, the classification standard of computer system security is generally based on the definition in "Yellow Book". The official name of the orange book is "Evaluation Criteria for Trusted Computer Systems". The definition of trusted system in the Orange Book is: a system composed of complete hardware and software, which can serve an unlimited number of users at the same time and handle information from general secrets to top secrets without infringing access rights.
The Orange Book classifies the acceptable trust of a computer system, and any system that meets certain security conditions and benchmark rules can be classified into certain security levels. The "Orange Book" divides the security performance of computer systems into four grades: A, B, C and D from high to low, among which:
D-minimum protection refers to systems that fail to pass other security level tests, such as Dos and Windows personal computer systems.
Class c-arbitrary protection. The security feature of this level is that the objects of the system (such as files and directories) can be defined by the main body of the system (such as system administrators, users and applications). For example, an administrator can determine the permissions of any file in the system. At present, Unix, Linux, Windows NT and other operating systems all have this security level.
Class b-mandatory protection, the security feature of this class is the security protection of system mandatory objects. In this kind of security system, each system object (such as files, directories and other resources) and subject (such as system administrator, users and applications) have their own security labels, and the system gives users access rights to each object according to their security level.
Class a-verifiable access control (authentication protection ... >; & gt
Question 2: Why does the computer have holes every day? Because all software designs have different defects and loopholes, Microsoft later released various types of patches for the software used in the home and industry to improve the software and fix the loopholes. However, I suggest upgrading only the patches you use. Generally, there is no need to install patches. The more patches are installed, the slower the computer will be. The degree of slowness depends on the original speed of your computer. But even if all patches are installed, they will be infected with the virus, but the probability is different. I don't understand Q 835666822 ("This is an atypical question, from my own words!") Please don't copy my answer. )
Question 3: Why does the program always have loopholes? Because of the development of science and technology, the program will gradually expose some defects, some because of design ideas, some because of design tools, and some may be because of algorithms. In short, only better, no best.
Question 4: The software bug has been updated, that's all. How to solve this problem is that the update has crashed. There is no better way than pressing the key to turn it off. The patching function of the system needs automatic networking, and this function itself is not easy to use, and it often makes mistakes, so there is no better way.
It is recommended to turn off automatic updating, update with software, and make your own decisions on your own time. Download Super Rabbit and ask her to help you download the patch. After selecting quick detection, press the install button, and she will automatically download and install it for you without restarting. So far, Super Rabbit has successfully patched all the patches (for the system, it is not necessary to install all the patches, so Super Rabbit has the functions of quick detection (recommendation), comprehensive detection and customization, and only the patches with serious security vulnerabilities in the system are selected for quick detection, and all antivirus and Trojan killing software you use have this function).
How to turn off automatic updates:
Control Panel -Windows Update- (left) Change Settings-Just change the option under Important Updates to never check for updates (Win78, or reset it here when patching).
You can also use this method. Please start/run gpedit.msc to open the group policy, select User Configuration/Management Templates /Windows Components /Windows Update on the left, and delete access with all Windows Update functions on the right. Double-click it, select Enable in the dialog box that opens, and then press OK to restart the computer.
Question 5: There are system vulnerabilities and software vulnerabilities in the computer. Does it affect the computer? Important dangerous loopholes need to be fixed. Failure to repair and restore will lead to virus invasion, and some small loopholes do not matter.
Using Tencent Computer Manager can also fix vulnerabilities.
Download and open Tencent Computer Manager, fix vulnerabilities and fix scanning system vulnerabilities.
Conveniently, all the vulnerabilities of Tencent Computer Manager come from Microsoft official website, which is reliable and safe.
Tencent Computer Manager can also delete the fixed vulnerabilities, that is, if your computer conflicts with the latest vulnerabilities, it is not a problem as long as it is deleted in "Installed".
Question 6:360 antivirus software installed win7 system. Why are there so many loopholes? How to deal with it? Installing antivirus software on a friend's system and vulnerabilities are two different things. System vulnerabilities are Microsoft's problems, but Microsoft will release patches to fix them. I suggest you use 360 security guards to fix vulnerabilities, and whoever owns them will have them. Just fix those high-risk vulnerabilities.
Question 7: Why does 360 antivirus software always remind you of high-risk vulnerabilities? The high-risk vulnerabilities it reminds are systematic. Seeing this prompt, you can use the computer housekeeper to fix the vulnerability.
The patches it uses to fix vulnerabilities come from Microsoft. The patches screened by professionals filter out unstable patches pushed by Microsoft and patches that users don't need, such as genuine verification patches. You can rest assured to fix them.
Question 8: How to detect the security vulnerability of APP, and what tools can be used to detect it? At present, the vulnerability detection tool I often use is AISI, because AISI will detect the confidentiality of the program in different degrees and in different ways according to the application characteristics, including whether the code is confused, whether the DEX and so library files are protected, and whether the program signature and authority management are complete. Component security detection mainly focuses on whether there are loopholes in activities, broadcast receivers, services, WebView, intentions, etc. , and give targeted suggestions; Data security will comprehensively detect data leakage vulnerabilities in the APP and all data security-related vulnerabilities such as the output layer and the protocol layer, so as to ensure that all vulnerabilities in the APP that may lead to account leakage are detected.
Question 9: Thunderbolt software assistant, what should I do if I remind you that there is a loophole? Open windows update.
Question What is the difference between windows automatic update and antivirus software update vulnerability? Hello, windows automatic update is to let you choose your own vulnerabilities to fix (you need some computer knowledge).
However, the vulnerability update of antivirus software automatically helps you choose the vulnerability you need to fix (computer white can also fix it).
Here, I recommend that you use Tencent Computer Manager to fix the vulnerability with one click. Step: Computer Manager-Toolbox-Fix Vulnerabilities.
I hope my answer can help you! If you have any questions, please enter the computer housekeeper enterprise platform! thank you