A Zero-Day Vulnerability was discovered earlier this week by Perception Point. It affects Linux Kernels 3.8 and above which some of our servers use. This vulnerability has no instances of going wild, or being used by a hacker. It was only recently discovered by the security team.
Linux Kernel 3.8 is used on Linux computers, servers and all android devices running Android KitKat 4.4 or later. Some estimates put that at 66-69% of android devices but Google claims it’s much lower than that. Google has pushed a patch to open source for developers to implement and will require that all devices run the patch as of March 1st 2016.
What does this mean for you?
Well not much to be honest. Since nobody has actually exploited this vulnerability it hasn’t “hurt” anyone yet. If you’re one of my clients rest-assured we are already tracking Kernel Security for the release of the patch and are monitoring all of our servers just in case. If you’re not a client make sure your host is aware of the vulnerability. And if you’re an android user just update when the update comes.