Misco Cookie Policy
We have published a new cookie policy. It explains what cookies are and how we use them on our website. To find out more about cookies, click here. By closing this message, you consent to our use of cookies on this website in accordance with our cookie policy. You can disable cookies, however please note that disabling deleting or disallowing cookies will affect your web experience.

Glibc bug may affect thousands of devices

Glibc bug may affect thousands of devices
18th February 2016

by Shannon Greenhalgh

Experts believe that a "sizeable portion of internet-facing services" are at risk for hackers to manipulate after a major computer security vulnerability was discovered.

It's not entirely clear if the flaw, said to be found in code used in large numbers of apps and software, is "truly catastrophic or whether we have dodged a bullet," Professor Alan Woodward, a security expect from the University of Surrey, told the BBC.

He said experts were "running around" trying to diagnose how serious the discovery was, fearing that huge numbers of computers, routers and other devices may be vulnerable to devastating hacking attacks.

The bug relates to a widely-used library of code called "glibc", revealed Google engineers, who were not prepared to say much more for security reasons. They have, however, already released a patch to fix the problem, with it now up to manufactures to issue the patch to affected software and devices as soon as possible.

Major systems like Windows or OS X were said to be immune to the glitch, but smaller connected devices could well be at risk.

"Think routers and increasingly anything considered part of the 'Internet of Things'," Prof Woodward said.

Washington D.C.-based security researcher Kenneth White assured: "It's not a sky-is-falling scenario.

"But it's true there's a very real prospect that a sizeable portion of internet-facing services are at risk for hackers to crash, or worse, run remote code to attack others."

He said that while there is no publicly known attack code using the flaw, it's a "near certainty" hackers would try to exploit the weakness.


Join our mailing list

Featured IT News

IT News Archive

Tweeting Now