An A-Z guide to the technical terms used in digital security
Variant
A program that bears sufficient similarity to a previously identified program to be categorized as part of the same 'family'.
Variants are usually created when an author takes (or reverse engineers) the source code for a previously released malware, modifies it and releases the new, slightly different version. The original program is often referred to as variant A, with subsequent versions referred to as B, C, D and so on, depending on when they were released.
The differences between variants may be very minor, such as a change in a text message displayed; or they may be extensive, such as adding entirely new (and often more destructive) functionality.
Occasionally, a malware's source code is modified so extensively that it may be classified as a separate family, for easier reference.
Virtual machine or environment
An emulation of an operating system, or a completely separate computing environment, run on a host or 'real' machine. A virtual machine functions as an isolated, independent operating system or environment that can be installed onto a host, or 'real', system.
The virtual machine behaves as an isolated, independent environment, and in security research is often used to run and analyze malicious programs in a contained manner. Users also take advantage of virtual machines to be able to run two different operating systems on one host machine, for various ends.
Virtual Private Network (VPN)
A private, secured network that runs over a larger public, unsecured network such as the Internet. A VPN allows authorized users to send data directly to other VPN-connected machines over the public network.
VPNs are commonly used by businesses to allow their remote employees to access the company intranet securely and conveniently. As the communications to and from the VPN travel over an insecure network, security is a major concern and there are numerous strategies used by VPN administrators to safeguard the private network's security.
Virus
A malicious program that injects its own code into program or data files on a computer system. A file infected with virus code is referred to as its host file.
Laypeople and the popular media will often use the term 'virus' as a general catch-all description for any kind of malicious program; a true virus, however, has defined characteristics which distinguish it from other types of malicious programs.
A malicious program is considered a virus if it replicates by copying its own code when its host file is run. The copied code is often either reinserted into the same host file, or used to infect another file. This replicating and inserting behavior can be very damaging to the affected files, and can eventually lead to the file - or even the entire machine - crashing.
Viruses can technically be classified based on the type of files they infect and how the code insertion is performed.
For more information, see the article Viruses.
Visual Basic Script (VBS)
VBS is the platform designator F-Secure uses to identify malware created in, or designed to use, the Visual Basic Script scripting language. Malware created in VBS or using VBS was once quite common in the early 1990s, but has become far less common as more sophisticated threats appeared.
Also known as 'VisualBasic Script', 'VBScript' or 'VBS', this language was created by Microsoft as a subset of the Visual Basic scripting language.
VBScript is widely used in webpages, mostly intended for Microsoft Internet Explorer web browser users; other browsers, such as Mozilla Firefox or Opera, do not have native support for VBScript.
VBScript is also often used with Windows Script Host (WSH) to perform local functions on machines running Windows.
Vulnerability
A flaw or security loophole in a program, web service, network or operating system that allows a user or attacker to perform unintended actions or gain unauthorized access.
A vulnerability can be a flaw in a program's fundamental design, a bug in its code that allows improper usage of the program, or simply weak security practices that allow attackers to access the program without directly affecting its code.
Fixing a vulnerability requires the program vendor to create a patch (adding or changing the source code to rectify the flaw or loophole) and distribute it to all users of the vulnerable product to protect them from possible exploitation. A publicly announced vulnerability is often targeted by attackers, who attempt to exploit it before the vendor can create and release a patch (known as a zero-day attack).
Unfortunately, there is often a significant time lag between when a patch is released and when it is installed on a vulnerable machine. During that time, the machine remains exposed to attacks targeting the vulnerability.
For more information, see the article Vulnerabilities.