Fixes for serious Samsung Exynos kernel exploit start to roll out
Root canal
Back in December, reports emerged there was an exploit to the kernel used by some Samsung Exynos chipsets that power many Galaxy phones and tablets.
The exploit left the devices venerable to some pretty serious security flaws. When the news hit, Samsung promised to fix the problems as soon as possible.
Today, we are starting to see the first signs of those fixes come out of production.
T-Mobile released an update to its Galaxy Note 2 devices today. It provided "Exynos and other security enhancements," along with a few other bugs fixes.
Sprint also officially announced software updates to its Galaxy S II Epic 4G Touch today on its forums. The update will roll out sometime in the next 30 days or so. It will also feature additional "security updates" and Sprint's Connections Optimizer.
A hacker's guide to the galaxy
The exploit gives users easy access to their devices' RAM, allowing them to see what's in their memory, dump it, and put in whatever processes they like back in. Though it has made the job easier for those who like to hack their own phones, it's also an invitation for some pretty serious malware.
A clever hacker could build an app with the exploit hidden in the code, rooting users phones without their knowledge. Then with elevated permissions, a hacker would have free rein to steal data and personal information.
Get daily insight, inspiration and deals in your inbox
Sign up for breaking news, reviews, opinion, top tech deals, and more.
The exploit only affects devices with the Exynos 4210 and 4412 processors. That includes the Sprint Galaxy S II, the international Galaxy S II, the international Galaxy S III, the international Galaxy Note and the Galaxy Note 2 devices.
Tablets using the Exynos 4 were also affected, including some Galaxy Player models, Galaxy Tab 2 devices and the Galaxy Note 10.1. The Galaxy Camera also has the flaw.
You're kernel is showing
There haven't been any documented abuses of this exploit yet, but it pays to be cautious. If you think you may be affected by the security bug, the safest course of action is not to download any new apps until a patch is pushed to your machine.
But if you stick to popular apps with good reputations, there shouldn't be much to worry about.Those with rooted or jail-broken phones who use pirated apps are most at risk.
Android Central also recommended this unofficial fix from Project Voodoo to solve most of the problem. You don't even have to root your phone to employ the solution.
But it also might break some camera functionally on some of the Galaxy S III and Galaxy Note 2, along with some other problems on other devices. So read the instruction carefully.
Via Android Central