Samsung vows quick fix for Android security vulnerability


Samsung Electronics is at work to patch a security flaw afflicting a number of devices running Google's (NASDAQ:GOOG) Android, leaving them exposed to malicious apps that could result in hackers gaining root level permissions.

The exploit, first identified earlier this week by user alephzain at the XDA Developers forum, gives hackers access to all of the Android device's physical memory. Alephzain tested the vulnerability on a Samsung Galaxy S III to root his device, but research indicates the flaw is also present across the Galaxy S II, Galaxy Note II, Meizu MX and other devices that feature an Exynos processor (4210 and 4412) and leverage Samsung kernel sources.

"Samsung is aware of the potential security issue related to the Exynos processor and plans to provide a software update to address it as quickly as possible," the manufacturer said in a statement issued to Android Central. "The issue may arise only when a malicious application is operated on the affected devices; however, this does not affect most devices operating credible and authenticated applications. Samsung will continue to closely monitor the situation until the software fix has been made available to all affected mobile devices."

There are currently no known Android malware apps that exploit the vulnerability in question, which does not pose a threat to Android devices without the Exynos processor.

An estimated 18 million Android users will encounter mobile malware between the beginning of 2012 and the conclusion of 2013, according to a new forecast published by Lookout Mobile Security. The firm adds that the likelihood users will encounter malware or spyware threats depends heavily on their geography and behavior, varying from 0.20 percent in Japan to 0.40 percent in the U.S. to as high as 34.7 percent in Russia.

For more:
- read this Android Central article

Related articles:
Developers find major security flaw in Samsung Android devices
Lookout: Android malware will infect 18 million users by end of 2013
Study: Android 4.2 app verification security only detects 15% of malware
Android malware surges to new highs in Q3
Google denies Android malware charges, researchers backtrack
Report: Android malware increased 155 percent year-over-year