Friday, January 4, 2013

Samsung releases Exynos vulnerability fix

Some time ago, an XDA Developers member, Alephzain, discovered an exploit that can give a malicious app complete control over a device's physical memory. It only affects those devices which use Exynos 4 based processor and use Samsung's kernel. Samsung recently issued an official statement regarding the vulnerability and reassured that they are working on the fix. Samsung has released a software update(I9300XXELLA) for Galaxy S3 that is supposed to take care of the Exynos vulnerability.

The security flaw is in the Kernel which lets a specifically coded app to take control of the device's physical memory. But the updated firmware, recently pushed by Samsung, gets rid of the issue. Samsung has changed the bootloader of Galaxy S3 for the first time, since its launch in May 2012, through this update. Samsung has also confirmed that this update also fixes the issue of some Galaxy S3 devices dying suddenly and we believe that the change in bootloader has something to do with this too.

Although, Galaxy S3 users in UK only get the assurance through this update for now, but more countries should follow soon. Samsung Galaxy S2 owners are also eligible for the update as the vulnerability was present in the device's kernel as well but we are still waiting for Samsung to release such an update for other major devices, like Galaxy Note and Galaxy Note 2, as they too suffer from this security flaw.


Post a Comment