New Security Threat for the Samsung Galaxy Note 2 and Galaxy S3 [Updated with non-root Fix]

| December 16, 2012 | 3 Replies

samsung-logo-001

Yet another security threat was found by the Android developer community that affects the Galaxy S3, Note 2, Galaxy S2 and the Meizu MX. This exploit was also found to work on any device running the Exynos 4210 or 4412 processor. So what is this exploit? Well it makes for an easy root, but leaves the devices open for attack. Allowing for kernel code injections and RAM dumps from Malware apps that can be installed from the Google Play Store. According to XDA user Alephzain who found the exploit.

But luckily the developer community is quick with things like this and have already found a fix. Thanks to XDA user RyanZA, there is already a patch to modify these permissions on all the affected devices. But the only downside is that users have confirmed that this fix cripples the camera on all these devices. So far Samsung has not made a comment on this security flaw on most of their flagship devices, but we expect to hear something soon from them.

As we said this does affect all devices using the Exynos 4210 or 4412 processor, which are primarily Samsung devices, and newer ones at that. Members in the XDA forums have said that the issue has been reported to Samsung. And the amount of media coverage it’ll get in the coming hours will almost force Samsung to comment very soon.

If you’re one of those millions of people out there with the Galaxy Note 2, Galaxy S2 or 3, or the Meizu MX or some other device running on the Exynos 4210 or 4412 processor, and you’re rooted. Be careful with what your downloading from the Play Store. As we’ve said before, always check the reviews before downloading and see what others think about the app. If it’s got some pretty bad reviews you’ll want to leave it in the Play Store.

Update: Thanks to Supercurio, there’s now a non-root fix that you can apply to your device to fix this exploit. It’ll let you know if your device is vulnerable and then close it if it is. And most of all it “doesn’t modify your system, copy files, or flash anything”. You can turn the fix off and on as you choose, which is great since it messes with the front-facing camera. It also could mess with the HDMI output for some devices, but we aren’t 100% sure. So here’s a temporary fix for those that aren’t rooted, and hopefully Samsung will get an update out to fix this exploit ASAP.

SourceXDA-Developers (1)(2)

Category: Android News, Android Phone News

About Alexander Maxham ()

Alex has been an Android user since the Motorola Droid back in 2010. He's been a huge Android fan ever since using many of the most popular flagships. He's currently rocking a Moto X and a G2.
  • http://twitter.com/ProfessorTom Tomas Gallucci

    Was this written by aggregator software? Seriously, there are many phrases that are punctuated as though they were sentences; indeed, there are very few full sentences in this post.

  • Dalton

    Thanks, but you don’t say how to get the fix or how to know which processor your device has.

  • Chris

    This article is very misleading and shows the author has a poor understanding of the issue. Let me clear things up:

    If you have the international model of the Samsung Galaxy S3, your phone is at risk regardless of if you’re rooted or not. The exploit allows any application downloaded off of the market or internet to gain root access to your phone. It will bypass apps designed to allow root access to specific applications. If you click the link that this article quotes as its source, it links to an apk you can download to temporarily fix the problem.