A countermeasure for a computer security threat to a computer system is administered by establishing a baseline identification of an operating or application system type and an operating or application system release level for the computer system that is compatible with a Threat Management Vector (TMV). A TMV is then received, including therein a first field that provides identification of at least one operating system type that is affected by a computer security threat, a second field that provides identification of an operating system release level for the operating system type, and a third field that provides identification of a set of possible countermeasures for an operating system type and an operating system release level. Countermeasures that are identified in the TMV are processed if the TMV identifies the operating system type and operating system release level for the computer system as being affected by the computer security threat. The received TMV may be mutated to a format for processing of the countermeasure.