Security exploit opens Samsung Galaxy S III, Note II to attack, could let apps from Google Play write to Kernel
Amid the XDA community's ongoing quest to root every Android handset it comes across, one forum user appears to have found a serious exploit that affects certain Exynos devices. While fiddling with his Galaxy S III, XDA user Alephzain discovered a way to obtain root without flashing with Odin. The Samsung kernel apparently allows read / write access to all physical memory on the device, including the kernel itself. This makes for an easy root, Alephzain writes, but leaves devices open to attack -- allowing Kernel code injections and RAM dumps from malware-laden apps from the Google Play store.
It isn't the only avenue for attack on an Android handset, but it is an exceedingly easy attack. Luckily, a community fostered fix seems pretty simple too -- XDA user RyanZA has already created a patch to modify write permissions on affected devices -- though Galaxy S III users are reporting that the fix cripples the phone's camera app. So far, Alephzain has confirmed that the Galaxy S II, III, Note II and the Meizu MX are at risk, but notes that the exploit might work on any device running a Exynos 4210 or 4412 processor. Samsung has not yet made a comment about the vulnerability, but forum members say that the issue has been reported. As for the exploit's lasting implications? Head on over to the XDA forums to join the discussion.
Update: François Simond (aka Supercurio) wastes no time plugging holes, and has already released a root-free fix for the vulnerability. Simond's solution is wrapped up in a simple APK, and requires no root, no flashing and no special know-how. It can be enabled or disabled manually, too -- allowing Galaxy S III users to regain full use of their front-facing camera, which as previously stated, is disrupted by the fix. Best of all, it's free -- skip on over to Project Voodoo at the source to get protected.
Update 2: Our good friend Supercurio also brought our attention to a statement released by Samsung France to Le Monde: the company will be issuing an official patch "very quickly," and it emphasized that this is an issue "only if a malicious application is installed." Obviously, for now you can use Supercurio's patch to ease your mind.
