Alternatively referred to as a security hole, a vulnerability is a security weakness in a software program that exposes a program or computer to malicious programs and users. For example, an Internet browser could have a vulnerability that crashes the browser or allows someone to read or copy files from your computer when you visit their site.
To help detect vulnerabilities vulnerability scanner tools can be used to locate weaknesses in networks or programs. These tools are computer programs used to gather information that may be used by an attacker to gain illegal or unauthorized access to a network. The information may determine what computers are present along with the operating systems they are running. Once that information is known, then known exploits or recent vulnerability discoveries may be carried out on the targeted system.
Several computer security companies also offer vulnerability scanners and programs that can help detect vulnerabilities on networks and keep it more secure. Costs for security software can vary greatly that can range from a free assessment to high-end report that can cost over $30,000.
Once detected, it is up to the developer of the software program to update or patch the it and prevent the vulnerability from being exploited. However, if the program is no longer supported by the developer, it cannot get fixed and remains vulnerable. If the vulnerability is with a network and not a program, it would be up to the network administrator to correct it.