Chapter 30 Β· Helper 1

Glossary of Terms

Key vocabulary for OS Vulnerabilities.

Operating System Vulnerability
A security flaw in the code of an operating system that can be exploited to allow unauthorized actions. Because operating systems are foundational platforms running on every device, their vulnerabilities affect every application and user on the system. Vulnerabilities are introduced through coding errors, design flaws, or unanticipated interactions between components. They may exist undiscovered for months or years before researchers or attackers identify them.
Patch Tuesday
Microsoft's scheduled monthly security update cycle, occurring on the second Tuesday of each month. On Patch Tuesday, Microsoft releases a consolidated set of security patches for all supported Windows versions and related products. Other major vendors follow similar scheduled release cycles. The predictable schedule allows organizations to plan their patch management and testing processes β€” but also allows attackers to anticipate when new vulnerability details will be published.
Remote Code Execution (RCE)
A category of OS vulnerability that allows an attacker to execute arbitrary code on a target system from a remote location β€” without physical access or prior authentication. RCE vulnerabilities are among the most severe: a successful exploit allows the attacker to run any code they choose on the target machine, potentially establishing persistent access, installing malware, or exfiltrating data.
Elevation of Privilege (EoP)
A vulnerability that allows an attacker or process to gain higher system privileges than they were granted. A standard user account exploiting an EoP vulnerability might gain administrator or SYSTEM-level access. Often used as the second stage of an attack: an attacker gains initial access with limited privileges, then uses an EoP vulnerability to escalate to full control of the system.
Security Feature Bypass
A vulnerability that allows an attacker to circumvent a security control built into the operating system β€” such as User Account Control (UAC), code signing enforcement, or Secure Boot. Security feature bypass vulnerabilities do not directly execute code or grant privileges, but they remove a layer of protection that other exploits rely on being blocked by.
Information Disclosure
A vulnerability that exposes sensitive data to unauthorized parties. This may include memory contents, file system paths, configuration details, credentials, or other data the operating system was supposed to protect. Information disclosure vulnerabilities are often chained with other vulnerabilities β€” the disclosed information (such as a memory address) is used to make a more severe exploit reliable.
Denial of Service (DoS)
A vulnerability that allows an attacker to crash, freeze, or make a system or service unavailable. An OS-level DoS vulnerability can render a machine completely unresponsive. While not providing the attacker with access or data, DoS attacks against critical infrastructure β€” servers, network devices, healthcare systems β€” can cause significant operational harm.
Spoofing Vulnerability
A vulnerability that allows an attacker to impersonate a legitimate user, system, or process. OS-level spoofing vulnerabilities may allow attackers to forge authentication tokens, misrepresent network identity, or make malicious code appear to originate from a trusted system component.
Zero-Day Vulnerability
A vulnerability that is known to attackers but for which no patch exists yet β€” either because the vendor is unaware of it, or because the vendor knows but has not yet released a fix. Zero-day vulnerabilities are the most dangerous category: there is no patch to apply, and no update cycle will close the gap. Detection and mitigation must rely on behavioral controls rather than signature-based patching.
Patch Management
The systematic process of identifying, testing, approving, and deploying security patches to operating systems and applications. Effective patch management balances speed (patching quickly before exploits are developed) against stability (testing patches before deploying to production to avoid compatibility issues). Core components: patch inventory, test environment, staged rollout, reboot tracking, and rollback capability.
Staged Rollout
A patch deployment strategy that applies patches progressively: first to an isolated test environment, then to a small pilot group, then to the full production environment. Staged rollouts allow organizations to detect compatibility issues before they affect all systems, significantly reducing the risk that a faulty patch causes organization-wide disruption.
MSRC (Microsoft Security Response Center)
Microsoft's official resource for security update information, vulnerability disclosures, and patch documentation. Available at msrc.microsoft.com. Security professionals use the MSRC to track active vulnerabilities, review patch details, assess severity ratings (CVSS scores), and monitor for new Patch Tuesday releases.