Potentially 'Catastrophic' Bug Could Leave Thousands Of Internet Devices Vulnerable

Getty Images/OJO Images RF

A Google engineer has stumbled across a massive bug which could potentially affect hundreds of thousands of devices which connect to the internet.

Posted on Google's online security blog engineers Fermin J. Serna and Kevin Stadmeyer wrote: "Have you ever been deep in the mines of debugging and suddenly realized that you were staring at something far more interesting than you were expecting?"

The vulnerability was found within a code that forms the building blocks of internet connectivity. In particular it is most commonly used to help a computer convert a domain name ( into an IP address - in other words the web page that you're viewing right now.

This vulnerability potentially allows a hacker to write a piece of software which could give them access to an internet connected device such as a router, Smart TV or computer.

The vulnerability could affect thousands of internet devices including routers.

Google's engineers warn that "remote code execution is possible, but not straightforward."

The bug was discovered in glibc, a well-known library of code used when writing software for internet connected devices. According to Google the bug was actually discovered independently back in July 2015.

While popular operating systems like iOS, Android Mac OS X and Windows are not affected by the bug there are an increasing number of IoT devices from lightbulbs to washing machines which could be vulnerable to the exploit.

Google's engineers have since sent out a proof-of-concept attack which will allow manufacturers to test out their systems and make sure that their software is adequately protected.

Since the discovery last year there are no known reports of hackers being able to turn the vulnerability into a weapon.

Popular in the Community