Yesterday we, along with every other Android blog out there, reported on a little security flaw found in the stock browser of many Touchwiz-based devices by Samsung. Those that are immune are the Nexus S and Galaxy Nexus since they are stock Android and not Touchwiz. But basically the security flaw could allow a remote wipe of your device with one simple line of code in any webpage. Some of the devices that are vulnerable are the Galaxy S2, Galaxy S Advance, Galaxy Beam, and Galaxy Ace.
We did learn that this vulnerability does not affect most Galaxy S3 devices. Those that are already running Jelly Bean, a custom ROM that’s based on AOSP (including CyanogenMod, Codename Android, and AOKP) and those using a different default browser aside from the stock browser on the device, were not affected by this major security flaw. Also the AT&T and European variants of the Galaxy S3 aren’t affected because of a software update rolled out within the last few weeks.
Regarding this potential hack, Samsung issued the following statement:
“We would like to assure our customers that the recent security issue concerning the GALAXY S III has already been resolved through a software update. We recommend all GALAXY S III customers to download the latest software update, which can be done quickly and easily via the Over-The-Air (OTA) service.”
Hopefully Samsung can get a fix out to the other devices involved in this security flaw ASAP. It would be even better if they can by pass these CDMA carriers like Sprint and Verizon who need to test updates before they roll them out.
If you have one of those devices that are affected, go ahead and download Google Chrome or another browser, and be sure to disable the stock browser by going to Settings and Applications.
Source: The Verge