Getting the concerned authority informed on the security vulnerabilities of the software is as per the ACS values. The action would make sure that the design team fixes these loopholes thus upholding the value of ACS that public interest comes first. It will also help to make the software more robust hence enhancing the quality. The third ACS value is honesty and informing the authorities about the issues in the software abides by this value (Banerjee & Murarka, 2013). This action would also make me serve the stakeholders without any self-interest. If I go ahead and try to find the solution for the vulnerability then it would test my professional competence and if the solution provided by me then it would take a smaller time to fix the software. Overall informing the concerned authorities about the issue in the software is a true professional conduct and the value of professionalism is upheld by this act.
From the above discussion the best course of action to first find the seriousness of the vulnerability. If the issue is small and the fix will not take much time then all the information could be disclosed to the authorities at once (Joshi, 2013). If the issue is complicated and the fix would take a longer time then the users of the software should be made informed so that they could take necessary steps from their side to avoid any problem which could happen due to the software bug. Whatever the case might be it is our responsibility to document the issue and the propose solutions so that the similar issue in future software developed could be avoided.