Definition: An exploit is an attack based upon a known vulnerability that is present an information infrastructure. A successful and harmful intrusion aims to take advantage of the specific vulnerability as a weakness. Forgetting to change a default administrative password on a router, for example, would create an obvious vulnerability. An unintended backdoor or entry-point left in a major operating system, discovered by crackers, represents a major vulnerability. Crackers and hackers literally look for vulnerabilities that can be attacked. There are networks of malicious users who share information.
Its Relevance: A business or organization must have a systematic plan that specifies how computers or networks are to be protected. The plan must be included in the company’s formally adopted information security policies and procedures. Such a plan should include active involvement on the part of the IT staff to keep up with existing and emerging vulnerabilities. Every employee in the organization should be aware of the countermeasures and processes to be maintained to prevent a breach in confidentiality, integrity and availability of the information system. Failing to do so may be considered to be a lack of due diligence.