Researchers from Google have discovered a serious, seven-year-old vulnerability in code used by hundreds of thousands of apps and devices, as Tech Insider reports.

It affects "glibc" — a library of open-source code. Hackers could use the bug to crash or take control of services that make use of glibc.

As it happens, Google wasn't the only company looking at the bug. In a blog post, Google researchers say that the bug was flagged up to the maintainers of the glibc code back in 2015.

Researchers have now produced a patch that fixes the issue.

Professor Alan Woodward at the University of Surrey told: "Many people are running around right now trying to work out if this is truly catastrophic or whether we have dodged a bullet." But as Ars Technica's Dan Goodin points out, the fact it went unpatched for seven years — and was discovered by multiple groups — means it's not unfathomable that it has been discovered and exploited by malicious third parties.

bbabo.Net