Editing Vulnerability (computer security) (section)

===Design factors===
Vulnerabilities can be worsened by poor design factors, such as:
*Complexity: Large, complex systems increase the possibility of flaws and unintended access points.<ref name=Vacca23>{{cite book|last= Kakareka|first=Almantas|editor-last=Vacca|editor-first=John|title=Computer and Information Security Handbook|series=Morgan Kaufmann Publications|year=2009|publisher= Elsevier Inc|isbn= 978-0-12-374354-1|page=393|chapter=23}}</ref>
*Familiarity: Using common, well-known code, software, operating systems, and/or hardware increases the probability an attacker has or can find the knowledge and tools to exploit the flaw.<ref>{{cite book | title = Technical Report CSD-TR-97-026 | first = Ivan | last = Krsul | publisher = The COAST Laboratory Department of Computer Sciences, Purdue University | date = April 15, 1997 | citeseerx = 10.1.1.26.5435 }}</ref> However, using well-known software, particularly [[free and open-source software]], comes with the benefit of having more frequent and reliable software patches for any discovered vulnerabilities.{{cn|date=May 2025}}
*Connectivity: any system connected to the internet can be accessed and compromised. [[Air gap (networking)|Disconnecting systems from the internet]] can be extremely effective at preventing attacks, but it is not always feasible.{{sfn|Linkov|Kott|2019|p=2}} 
*[[Legacy software]] and [[legacy hardware|hardware]] is at increased risk by nature.{{sfn|Haber |Hibbert|2018|p=155}} System administrators should consider upgrading from legacy systems, but this is often prohibitive in terms of cost and [[downtime]].{{cn|date=May 2025}}