Dirty COW bug leaves millions of users vulnerable to attack

A vulnerability discovered in the Linux kernel has been present for nine years, and users are being advised to seek out and install a patch as soon as they possibly can. Dubbed Dirty COW, the bug is a privilege escalation vulnerability which can be found in just about every Linux distro out there.

Discovered by security expert Phil Oester, Dirty COW is described as one of the most serious bugs of its type ever found in Linux. Assigned the code CVE-2016-5195, there is evidence that the vulnerability has been exploited and a website set up to alert people to the problem advises that the “security community should deploy honeypots that entrap attackers and to alert about exploitation attempts”.

 While the bug has now been patched, it’s important that Linux users check that they have the patch installed. With Linux used to power so many web servers around the world, the potential impact of a successful exploit is huge. What’s particularly concerning about the exploit is that it is all but impossible for antivirus and security software to detect, and once exploited, there is no evidence of what has happened.