Android users waiting for a fix for a newly discovered flaw that allows apps to bypass key operating-system security protections will have to wait at least another month. The just released patch batch for November, inexplicably, won’t include it.
The so-called escalation-of-privilege vulnerability dubbed Dirty Cow was introduced into the core of the Linux kernel in 2007, shortly before Google engineers incorporated the open-source operating system into Android. That means the bug, formally indexed as CVE-2016-5195, affects every version of Android since its inception.