Great Moto G Stylus deal on Amazon!

Critical "Dirty Cow" Android exploit not fixed by November Android security patch

By Luis D.
12comments
Android
Critical "Dirty Cow" Android exploit not fixed by November Android security patch
Google has put off closing a rather prominent exploit called "Dirty Cow" in the November Android security patch. Named after the "copy on write" memory management technique it's based on, the hole has existed in virtually all versions of Android since Google incorporated the Linux kernel in it. It was only publicly disclosed last October, though, as part of a coordinated release that was supposed to ensure a fix was created before more regular users or potential attackers were aware of the flaw. But this month's security update doesn't close the loophole, which came somewhat unexpected.

The technique is popular among apps for rooting Android devices, as it lets developers circumvent manufacturer and operating system limitations in order to gain root access. However, the exploit can be incorporated into malicious apps so that they sidestep existing Android security measures. In January this year, security researchers reported at least 13 apps in the Google Play store that exploit rooting vulnerabilities, including Dirty Cow.

Google claims a patch for the loophole will be released in December. Unfortunately, the security updates that Google releases only reach Nexus/Pixel devices and a small number of phones by companies such as Samsung. This means the overwhelming majority of Android smartphones out in the wild will remain vulnerable possibly forever.

ALSO READ

Recommended Stories

Loading Comments...

Popular stories

T-Mobile is now going to dictate where you can use its 5G internet
T-Mobile is now going to dictate where you can use its 5G internet
Samsung's killer Galaxy Watch 6 Classic trade-in deal comes just in time for Mother's Day
Samsung's killer Galaxy Watch 6 Classic trade-in deal comes just in time for Mother's Day
Apple signals the imminent release of the iPad Air (2024) and iPad Pro (2024)
Apple signals the imminent release of the iPad Air (2024) and iPad Pro (2024)
The speedy iPad Mini 2021 is even sweeter than usual after a lovely discount on Amazon
The speedy iPad Mini 2021 is even sweeter than usual after a lovely discount on Amazon
Apple Watch X render shows new magnetic band mechanism that could lead to longer battery life
Apple Watch X render shows new magnetic band mechanism that could lead to longer battery life
Text message from AT&T about a free device offer may look like a scam or spam but it is legitimate
Text message from AT&T about a free device offer may look like a scam or spam but it is legitimate

Latest News

T-Mobile confirms major 5G network upgrades in Louisiana
T-Mobile confirms major 5G network upgrades in Louisiana
Apple needs a $250 iPhone to boost sales but it doesn't want to make "stripped-down, lousy products"
Apple needs a $250 iPhone to boost sales but it doesn't want to make "stripped-down, lousy products"
Grab the smaller-sized Galaxy Watch 6 at bargain prices through Amazon's deal
Grab the smaller-sized Galaxy Watch 6 at bargain prices through Amazon's deal
Galaxy S21 and S22 owners facing green line issue will get free screen replacement in one country
Galaxy S21 and S22 owners facing green line issue will get free screen replacement in one country
AT&T's first kid-friendly tablet is here with a fun design and great price
AT&T's first kid-friendly tablet is here with a fun design and great price
LeBron James may have leaked Apple's next big Beats product
LeBron James may have leaked Apple's next big Beats product
FCC OKs Cingular\'s purchase of AT&T Wireless