Alternatively referred to as a security hole, a vulnerability is a security weakness in a software program that puts the program or computer at risk of malicious programs and users. For example, an Internet browser could have a vulnerability that crashes the browser or allow someone to read or copy files on your computer when you visit a web page with malicious code.
To help detect vulnerabilities vulnerability scanner tools can be used to locate weaknesses in networks or programs. These tools are computer programs used to gather information that may be used by an attacker to gain illegal or unauthorized access to a network. The information may determine what computers are present along with the operating systems they are running. Once that information is known, then known exploits or recent vulnerability discoveries may be carried out on the targeted system.
Several computer security companies also offer vulnerability scanners and programs that can help detect vulnerabilities on networks and keep it more secure. Costs for security software can vary greatly that can range from a free assessment to high-end report that can cost over $30,000.
Once detected it is up to the developer of the software program releasing a software to update or patch the software and prevent the vulnerability from being exploited. However, if the program is no longer supported by the developer, it cannot get fixed and remains vulnerable. If the vulnerability is with a network and not a program, it would be up to the network administrator or another administrator to correct the vulnerability.