
Major security flaw discovered in latest Exynos devices; community cooks up temporary fix as Samsung investigates


Uh-oh — it looks like someone left a rather big hole open in Samsung’s kernel for its latest Exynos-based devices. An exploit has been reported to exist that would allow a malicious application to gain full access to a user’s device. For some reason, several parts of the memory system are open for read/write access to anyone.

It’s said to affect any device with the Exynos 4210 and 4412, which would include heavy hitters such as the Exynos variants of the Samsung Galaxy S2 and Samsung Galaxy S3, and all Samsung Galaxy Note 2 units. Those with Qualcomm-based devices — which were common with the Galaxy S2 and Galaxy S3 here in North America due to LTE — are safe.

For an idea of just how bad this exploit is, know that it is possible for anyone who knows what they’re doing to gain root access fairly easily — so easily, in fact, that you don’t need to ODIN or do any fancy file transferring to do so. This means an app you download from the Google Play Store or third party sources could quietly break into any part of the system it wants to without much effort at all.

More details about what seems to be going on can be found at the XDA thread where many folks within the development community have come together to discuss the exploit. A temporary low-level fix has been provided for developers who want to experiment with it or implement it into their ROMs, but the fix does seem to break access to the device’s camera. It comes down to what’s more important: security or photos? The former should ring true for most, but we understand the reluctance to lose the latter.

Luckily, danger should be easily avoidable. For starters — and you might have heard this a lot in the past, but here it is again — please remember to download from trusted sources only. Try and stick to the Google Play Store wherever possible, and don’t download any app that looks suspicious.

Most folks in the Play Store are genuine, but one or two apps may try and sneak their way into people’s phones by disguising themselves as something they’re really not. Most of these types of apps tend to be simple wallpaper or ringtone apps, so if there was one category you absolutely had to stay away from then that would be it.

If you’re downloading APKs for the purposes of sideloading then be sure that you can trust the developer who provides it. Even if you trust the developer, make sure you’re reading comments regarding the APK, and make sure you’re downloading from the developer’s own link.

Of course, avoidance is not the best course of action — an even better solution would be an official fix from Samsung. The company has acknowledged that a problem might exist and has launched a formal investigation into the matter. We’re hopeful it’ll find that the development community is right, and that a fix will be rushed out worldwide to prevent a huge problem.

[XDA Developers via MobileSyrup]

Quentyn Kennemer
The "Google Phone" sounded too awesome to pass up, so I bought a G1. The rest is history. And yes, I know my name isn't Wilson.


11 Comments

  1. Once again, I only download from the market or Amazon Market. Also, only download and side load outside stuff for ROM purpose from XDA. If you get hit by malware…you are probably doing things you shouldn’t and probably deserve it!

  2. It’s easy enough to avoid malicious apps, and it makes it easy to root. I hope no one has trouble from it but I’m considering this handy as opposed to worrisome.

    1. Yeah, three cheers for vulnerabilities:
      Hip hip, hooray!
      Hip hip. hoowhat? This wallpaper app had a baby app. Hmm…
      Hip hip. Oh, how did it get my online bank account login :-(

  3. Can someone answer this: if an app is deleted, does the developer still have access to my phone?

    1. edited

    2. My amateur answer would be that they do not continue to have access to your phone through the app that you deleted. However, if that app had root privileges, it could have installed another hidden app that is still there doing whatever it is designed for (logging GPS, sending phonebook data, forwarding SMS/emails, and maybe even keylogging (?)).

      Someone please correct me if I am wrong.

  4. For those who pirate apps this may be a problem. Those that do not shouldn’t have too much to worry about.

  5. Wasn’t it someone at XDA Developers who developed and published the exploit kit? And aren’t lots of people rooting their Android phones to install Android versions from XDA?

  6. So LTE verizon S3 is safe?

    1. Yes, the AT&T, T-Mobile, Sprint, and Verizon variants use the Qualcomm S4.

  7. In the US this should only pertain to the Galaxy Note 2. Though if you are careful this should be nothing to worry about. I’m wondering if this was a mistake or not and Samsung has been showing support for the modding community. Or at least they have been more friendly to those modding than the rest of the competition
