There's nothing nice about having your data out there in the open for all to see and it's never nice to think that a piece of malware could be putting your data at risk. This is the reality that a lot people could be facing in the wake of Samsung's Exynos exploit of which broke out earlier in the week. Samsung had left read/write access open to all in the build of Android on a lot of Samsung devices. It affects devices running an Exynos 4210 or a 4412 processor and while it is especially harmful to Samsung devices it could affect other devices with those chips, that rely on Samsung's kernel sources.
The exploit affects the following Samsung devices:
- Samsung Galaxy S2 GT-I9100
- Samsung Galaxy S3 GT-I9300
- Samsung Galaxy S3 LTE GT-I9305
- Samsung Galaxy Note GT-N7000
- Samsung Galaxy Note 2 GT-N7100
- Verizon Galaxy Note 2 SCH-I605 (with locked bootloaders)
- Samsung Galaxy Note 10.1 GT-N8000
- Samsung Galaxy Note 10.1 GT-N8010
We did a full run-down on the exploit and one of the fixes available here. For the most part, if you're unlikely to explore the internet without some common sense then you're fine. The same goes for apps, if you keep it to the Play Store then your risk is fairly minimal. Samsung have said that they are conducting an internal investigation surrounding the exploit and now they've released a proper statement to Android Central. The statement is below:
Samsung is aware of the potential security issue related to the Exynos processor and plans to provide a software update to address it as quickly as possible.
The issue may arise only when a malicious application is operated on the affected devices; however, this does not affect most devices operating credible and authenticated applications.
Samsung will continue to closely monitor the situation until the software fix has been made available to all affected mobile devices.
So, it looks like Samsung has a fix in mind for the devices and are aware that it could be a risk for users. Something like this is less of a risk for users that keep apps to the Play Store and stay on the straight and narrow online. It's good to see Samsung getting the word out and we just wish that an update for all users potentially at risk is on its way quickly.
[Source: Android Central]