Security issue discovered on Exynos-based devices

[mercurial]

A security issue has been identified on Android devices running Samsung's Exynos processors, which includes phones such as the Galaxy S II, Galaxy S III, Note and the Note II (international models).

The issue was identified by an xda-developers member 'Alephzain' and if exploited, lets any application complete access to the RAM and the kernel.

Samsung is yet to comment on the issue but several developers have already submitted quick fixes. Initial patches fixed the issue but also rooted the device along the way.

Now Françoid Simond, creator of the popular VooDoo Sound app for Android, has released his own fix, which takes care of the issue without rooting the device. You can download the patch for your device here.

Hopefully, Samsung will quickly release an official update that solves this problem.

Source

 

[Dom1n8tr1x]

Thanks for posting this, wasn't aware of this issue.

 

[mercurial]

No problem.

 

[mercurial]

Samsung acknowledges Exynos exploit, promises quick fix

In an official statement, Samsung has confirmed a reported vulnerability in Exynos kernel code that could be exploited by certain applications. This includes the international versions of the Samsung Galaxy S III, S II, and Note II.

It is quick to point out that most well-known, legitimate apps are not carrying any risk, so if you stick to popular apps from the Play Store, then you should be safe.

The exploit can be used to allow an app access to the RAM, enabling it to read user data as well as general device operations.

Samsung has assured everyone that it's busy taking care of the problem, and is promising a fix for the vulnerability in the form of a patch, which should come "as quickly as possible."

For now, if you're worried about your data, we recommend uninstalling any lesser known or third party apps you may have downloaded recently, at least until the hotfix is released by Samsung.