A vulnerability is a bug or design flaw in software that allows that software to be used in some malicious and unintended way.
All software has bugs, which are nothing more than mistakes made in the design or implementation of the software. Bugs can take many forms, from simply displaying something improperly, to crashing the application or entire machine.
When a bug can be intentionally triggered and in turn exploited for malicious purposes, that bug is termed a vulnerability.
The results of exploiting a vulnerability may have nothing to do with the software’s primary purpose. All that matters is that the vulnerability can somehow be used by malware – typically to infect the machine on which the software is running.
This article needs additional citations for verification. (September 2018)
Vulnerability refers to the inability (of a system or a unit) to withstand the effects of a hostile environment. A window of vulnerability (WOV) is a time frame within which defensive measures are diminished, compromised or lacking.
The understanding of social and environmental vulnerability, as a methodological approach, involves the analysis of the risks and assets of disadvantaged groups, such as the elderly. The approach of vulnerability in itself brings great expectations of social policy and gerontological planning. Types of vulnerability include social, cognitive, environmental, emotional or military.
In relation to hazards and disasters, vulnerability is a concept that links the relationship that people have with their environment to social forces and institutions and the cultural values that sustain and contest them. “The concept of vulnerability expresses the multi-dimensionality of disasters by focusing attention on the totality of relationships in a given social situation which constitute a condition that, in combination with environmental forces, produces a disaster”. It is also the extent to which changes could harm a system, or to which the community can be affected by the impact of a hazard or exposed to the possibility of being attacked or harmed, either physically or emotionally: "we were in a vulnerable position".
Within the body of literature related to vulnerability, major research streams include questions of methodology, such as: measuring and assessing vulnerability, including finding appropriate indicators for various aspects of vulnerability, up- and down scaling methods, and participatory methods.[clarification needed] Vulnerability research covers a complex, multidisciplinary field including development and poverty studies, public health, climate studies, security studies, engineering, geography, political ecology, and disaster risk management. This research is of importance and interest for organizations trying to reduce vulnerability – especially as related to poverty and other Millennium Development Goals. Many institutions are conducting interdisciplinary research on vulnerability. A forum that brings many of the current researchers on vulnerability together is the Expert Working Group (EWG). Researchers are currently working to refine definitions of “vulnerability”, measurement and assessment methods, and effective communication of research to decision makers.