This chapter provides an overview of several topics related to handling product security vulnerabilities. Following are some main topics covered in this chapter:
• The definition of what constitutes security vulnerability
• Vendor’s speed of producing remedies for the vulnerabilities
• Issues with applying the remedies in different environments
Throughout this and the following chapter, you will encounter terms such as fix and patch. For the purpose of this book these two expressions are equivalent, and their primary meaning is updated software and/or configuration to remove security vulnerability. However, these expressions also have, or can have, a second meaning: a change in the source code.