 "Google ignores weeks old critical Android vulnerability in November's security update")
A critical Linux kernel bug, dubbed Dirty Cow, had reared its head in October (for the second time). When exploited, the bug gives hackers unfettered access to any Linux-based system, including Android. ArsTechnica, which went through Google’s Android patch notes for November, discovered that the bug wasn’t addressed. **As we reported earlier** , the bug is actually around 9-11 years old and has only now popped up again because, as Linux creator, Linus Torvalds explains, it was difficult to reliably exploit it at the time. Phil Oester, who rediscovered this bug in the wild, said that anyone could reliably “root” a device in less than 5 seconds today. Google’s Android operating system (OS) is affected by this bug simply because the OS is built on the Linux kernel. Anything that affects the Linux kernel can, potentially affect Android OS. It’s not clear why Google is not addressing this bug because users, let alone hackers, are already using the technique to root their manufacturer locked devices. If this wasn’t bad enough, a malicious user can effectively use this bug to bypass most, if not all, of Android’s built in safety features. Assuming you’re not downloading apps from “unknown sources” and are only sticking to the Play Store, you’re relatively safe. But again, as ArsTechnica is quick to point out, the Play Store is not the bastion of security. Malicious apps do get by all the time and an exploit like Dirty Cow is actually very hard to detect or deal with. Google has promised to release a patch for Dirty Cow in December, but even then, it’ll only make its way to Google’s supported devices. Third-party manufacturers can and will take their own sweet time issuing any Android update, so be warned. The parallels between Dirty Cow and a recently revealed Windows Kernel vulnerability are quite startling. It’s interesting to note that Google gave Microsoft a mere 7 days to respond to the bug. It’s now more than 14 days since the bug was discovered for a second time and Google has no fix yet.
A critical Linux kernel bug dubbed Dirty Cow was reared its head in October (for the second time). When exploited, the bug gives hackers unfettered access to any Linux-based system, including Android.
Advertisement
End of Article
 "Charlie Kirk, shot dead in Utah, once said gun deaths are 'worth it' to save Second Amendment")
 "From governance to tourism, how Gen-Z protests have damaged Nepal")
 "Did Russia deliberately send drones into Poland’s airspace?")
 "Netanyahu ‘killed any hope’ for Israeli hostages: Qatar PM after Doha strike")
 "Charlie Kirk, shot dead in Utah, once said gun deaths are 'worth it' to save Second Amendment")
 "From governance to tourism, how Gen-Z protests have damaged Nepal")
 "Did Russia deliberately send drones into Poland’s airspace?")
 "Netanyahu ‘killed any hope’ for Israeli hostages: Qatar PM after Doha strike")
