A known program that may or may not be a threat to a computer. For example, an email greeting that acts like a mass mailer, but isn't strictly a worm because you can choose to use it before it activates.
Programs that do any of the following actions:
Provide unauthorized access to computer systems
Compromise data integrity, privacy, confidentiality, or security
Present some type of disruption or nuisance
Security risks are initially evaluated as malicious code using the calculated risk, prevalence, and impact values. All security risks have an infection potential of zero which distinguishes them from malicious code. Security risks are classified as either adware or spyware.