Thousands of apps and hardware devices are under risk thanks to this newly uncovered computer security bug.
According to straitstimes.com,
“Google said a flaw in some commonly-used code could be manipulated to grant remote access to devices – whether it is a computer, internet router or a piece of equipment connected to the Internet.”
“The BBC [also] reported that the code can also be within many of the so-called “building blocks’ of the web – programming languages such as PHP and Python are affected, as well as systems used when logging in to websites or accessing e-mail.”
If the reports are to be believed, most of the Bitcoin software is vulnerable as well. The bug that is a possible threat to thousands’ of devices across the globe is named CVE-2015-7547 – glibc getaddrinfo stack-based buffer overflow. The bug was detected in July last year and is found in glibc – an open source library of code widely used in Internet-connected devices. Glibc has been around since 2008 and is currently vulnerable to hackers, allowing them to implant a malicious code within the device memory that will allow remote execution through the web.
With the world having a serious problem in its hands; Google has teamed up with open source solutions provider Red Hat to come up with a fix. Furthermore, the severity of this problem is difficult to gauge, mainly because, it is not easy to identify the number of devices using glibc. However, we have heard that this bug does not affect Windows and OS X run devices.
Prof. Alan Woodward, a security expert from the University of Surrey has pointed out that consumers should be worried about smaller connected devices. He had said, “Think routers and increasingly anything considered part of the ‘Internet of Things’.”
So is this bug a catastrophe in the making or did we just narrowly evade a bullet? The bug has exposed a lot of devices to possible crash, even allowing hackers to remote code devices to run attacks on others!
Alarming as this sounds, the latest we have heard is that Google has released a patch to fix the problem. We definitely don’t want anyone remotely logging on to our phones. Think of the kind of information the hackers can get a hold of!