G 0.28 Software Vulnerabilities or Errors
For any software: the more complex it is, the more frequently errors occur. Even with intensive testing, most errors are usually not detected before delivery to customers. If software errors are not detected in time, the crashes or errors that occur when the software is used can have far-reaching consequences. Examples include incorrect calculation results, poor decisions by organizational management, and delays in the execution of business processes.
Software vulnerabilities or errors can lead to serious security gaps in an application, an IT system, or all IT systems connected to it. Such security gaps can potentially be exploited by attackers to introduce malware, read data without authorization, or carry out manipulations.
Examples:
- Most warnings from Computer Emergency Response Teams (CERTs) in recent years have related to security-relevant programming errors. These are errors that are introduced during software development and make it possible for the software to be misused. A large share of these errors were caused by buffer overflows.
- Internet browsers are now an important software component on clients. Browsers are often used not only to access the Internet but also for internal web applications in companies and government agencies. Software vulnerabilities or errors in browsers can therefore have a particularly strong impact on information security overall.