Samsung says it’s working “as quickly as possible” to fix a vulnerability in some of its Android phones that could allow attackers to gain total control over the device.
The flaw was first reported on the XDA Developers forums on Saturday and attracted a great deal of attention from the tech press. It allows malicious apps to control all physical memory on the device, which in turn enables remote wipes, access to user data and other malicious activity.
All Samsung Android phones based on Exynos 4210 and 4412 processors are vulnerable. As Android Central notes, that includes the Galaxy S II on Sprint, Galaxy Tab 2, Galaxy Note 10.1 and certain Galaxy Player models. International versions of the Galaxy S III, Galaxy Note and Galaxy Note II are affected, as well as U.S. versions of the Galaxy Note II, but U.S. versions of the Galaxy S III are not affected.
In a statement to Android Central, Samsung says it’s aware of the issue and is working on a software update to fix it. “Samsung will continue to closely monitor the situation until the software fix has been made available to all affected mobile devices,” the company said.
Although this exploit sounds pretty dangerous, Samsung says that “most devices operating credible and authenticated applications” won’t be affected. In other words, if you’re downloading trustworthy apps from the Google Play Store, you probably have nothing to worry about. (It’s unclear whether Google’s malware scanner, which examines all new apps in its store, is picking up on this new exploit.)
Still, the exploit doesn’t look good for Samsung, which just a few months ago had to scramble to fix another software vulnerability. That security flaw allowed attackers to remotely wipe phones running Samsung’s TouchWiz UI, using only a Web link with malicious code.
To be clear, these are security flaws in specific Samsung phones, not to be confused with general malware such as apps that send premium-rate SMS messages without permission. The common thread, however, is Android’s open app ecosystem, which allows users to install any software they want. While all Google Play Store apps must pass a malware check, the system isn’t foolproof. Neither is the new built-in malware scanner in Android 4.2 for apps from outside the store.
Which brings us back to the usual refrain: an occasional security threat is the byproduct of having that open ecosystem. That means users should take some basic precautions before downloading an app, such as checking how many users have downloaded it and what they’re saying about it. As Samsung says, credible applications won’t pose any danger, even with this new exploit. But if a little extra care sounds like too much work, there’s always the iPhone or Windows Phone instead.