Introduction
In this rapidly evolving world, the use of technology has dramatically increased over the last two decades. This technology has provided the world with the ability to complete daily tasks quickly and more efficiently. However, these innovative technologies need to be supported by another form of technology called operating systems. Operating systems are a critical part of the technology we use, especially within computers or laptops. These operating systems oversee many things from the memory of the computer to the processes that occur within a computer. Without these operating systems, computers and laptops will be unable to function properly and become useless. There are three common operating systems that are used within our technology, which are Microsoft Windows, macOS, and Linux. Out of these three, the most used in the world is Microsoft Windows. It is widely used within the world because it is considered more user-friendly and most compatible with other technological software. While Microsoft Windows is a great operating system that has improved the technology we use, it also brought many security vulnerabilities. These security vulnerabilities are detrimental to the operating system as well as the technology it is stored in. This paper will show an analysis of the security vulnerabilities attached to Microsoft Windows as well as the lifecycle of these security vulnerabilities within a Windows System. On top of this, it will also show how the data is affected by these vulnerabilities and how a person or company can prevent these vulnerabilities from occurring or causing more damage.
What are Security Vulnerabilities?
The security vulnerabilities within Windows systems are known as CryptoAPI, Remote Desktop Gateway, and Remote Desktop Client. These three security vulnerabilities create massive issues for the Windows systems. All three of these security vulnerabilities grant cybercriminals and hackers the ability to take control of the Windows systems. CryptoAPI grants hackers the ability to control through a fake certificate. RDG and RDC grant the cybercriminal or hacker the ability to take control through the process of remote code execution. When examining the security vulnerabilities that are attached to Microsoft Windows systems the effects of these vulnerabilities can vary. On average the time it takes for a person or organization to remedy a security vulnerability is around 58 days (about 2 months). If a security vulnerability has fully compromised or taken control of the Windows systems, the time to remedy this dramatically increases to 205 days (about 6 and a half months). Mitigating and preventing these security vulnerabilities is necessary since these Windows systems are used in all aspects of technology whether it be in a social manner or a business manner. The importance of mitigating and preventing these security vulnerabilities is because it is not just the Windows system being affected; it is also the data that the Windows system stores.
Can Data be affected by Security Vulnerabilities?
Security vulnerabilities not only pose a threat to the actual Windows system but also pose a threat to the data that is stored within the system. While some cybercriminals and hackers look to take advantage and sabotage the Windows system, others look to damage the data that is stored inside the system. Windows systems store valuable data and information that allow it properly to function when we use it. If a security vulnerability is exploited by a cybercriminal or hacker it can lead to the Windows system experiencing damage to its software applications, drivers, or files. These security vulnerabilities can also damage the internal workings of the computer or laptop that is using the Windows systems. The internal workings of the computer or laptop that can be damaged include the motherboard, CPU/processor, RAM, and hard drive. With the internal workings of the computer or laptop being exposed to security vulnerabilities, it can lead to many issues regarding personal data and information. Since cybercriminals are exposing the data, it can lead to instances of identity theft which can damage a person’s credit score or their financial account. Looking from a business perspective, these security vulnerabilities could lead to data breaches that affect the business, employees, and consumers. These data breaches could lead to exposure of personal and confidential information about the company, its employees, and its consumers. These data breaches can also create instances of decreased reputation since the business was unable to stop the exposure of data. A decrease in reputation could result in a loss of trust amongst its employees and consumers. It could also jeopardize future business deals with other companies. Both individuals and businesses can experience legal consequences because of these security vulnerabilities. Individuals and businesses could face hefty fines as well as lawsuits depending on how much data was stolen, changed, or deleted.
Security vulnerabilities within Windows systems bring about many challenges that affect the system itself as well as the data it stores. While security vulnerabilities are bound to happen, it is necessary to take the right precautions to prevent the complete loss of the system as well as the data. Proper management and monitoring of a Windows system will allow an individual or business to recognize whether a security vulnerability is causing problems. This includes the constant updating of the current Windows system. Updating allows for the system to be installed with proper security patches. While the Windows system has its own protection the implementation of antivirus software will act as another line of defense. The antivirus software will help block unauthorized access and malicious software. While it is important to protect the system it is also important to manage and monitor the data within the Windows system. An individual or business can manage and monitor the data within the Windows system by using data backups. Data backups allow for an individual or business to regularly back up confidential or personal data if a security or data breach occurs. This allows for the individual or business to know that this information is protected from a cybersecurity attack. Proper management and monitoring of the Windows system and the data it stores is a vital aspect for individuals and businesses to safeguard sensitive information, uphold privacy, and reduce the risks attached to security vulnerabilities.
Conclusion
A security vulnerability is a common occurrence within the operating systems that are attached to our technology. These security vulnerabilities bring many challenges and problems for operating systems, especially Microsoft Windows. With Microsoft Windows being the most common operating system, it brings into the picture many security vulnerabilities that can hinder its success. These security vulnerabilities bring about instances of exploitation, execution, and control. These instances of exploitation, execution, and control can leave a Windows system compromised for a maximum of 205 days. Individuals and businesses must strive for mitigation and prevention of these security vulnerabilities to protect the Windows system as well as the data it stores. Protecting the Windows system is just as important as protecting data because the data that is stored is personal and confidential. Exposure of this data could lead to challenges that affect how an individual lives or how a business operates. Protecting the data will guarantee that the individual’s information is safeguarded, while protecting the Windows system will guarantee that the security vulnerabilities effects will be reduced.
Works Cited
Alhazmi, O., Malaiya, Y., & Ray, I. (2005, August). Security vulnerabilities in software systems: A quantitative perspective. In IFIP Annual Conference on Data and Applications Security and Privacy (pp. 281-294). Berlin, Heidelberg: Springer Berlin Heidelberg.
Arbaugh, W. A., Fithen, W. L., & McHugh, J. (2000). Windows of vulnerability: A case study analysis. Computer, 33(12), 52-59.
Alhazmi, O. H., Malaiya, Y. K., & Ray, I. (2007). Measuring, analyzing and predicting security vulnerabilities in software systems. computers & security, 26(3), 219-228.
Eschelbeck, G. (2005). The Laws of Vulnerabilities: Which security vulnerabilities really matter?. Information Security Technical Report, 10(4), 213-219.
Jang, Y., Song, C., Chung, S. P., Wang, T., & Lee, W. (2014, November). A11y attacks: Exploiting accessibility in operating systems. In Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security (pp. 103-115).
Phillips, C., & Swiler, L. P. (1998, January). A graph-based system for network-vulnerability analysis. In Proceedings of the 1998 workshop on New security paradigms (pp. 71-79).
Telang, R., & Wattal, S. (2007). An empirical analysis of the impact of software vulnerability announcements on firm stock price. IEEE Transactions on Software engineering, 33(8), 544-557.