Exploit in Exynos 4-based devices gives access to all physical memory

Android isn’t known for being the safest platform when it comes to smartphones and tablets. According to The Next Web, the people at XDA Developers have discovered a vulnerability in Samsung devices that gives access to all physical memory. This is a big problem, as it could potentially allow attackers to use malicious apps that wipe data and brick devices, or even quietly access user data.

XDA member Alephzain tested the vulnerability on a Samsung Galaxy SIII to root the device, but he has said that the same exploit also exists on the Galaxy SII, the Galaxy Note II, the Meizu MX, and could exist on more devices that use Exynos processors like the 4210 and the 4412, along with Samsung kernel sources.

Exynos beware!

While this is certainly bad news related to malicious attacks, it is being used by developers to make rooting and other advanced processes easier. Developer Chainfire has used the exploit to release an app called ExynosAbus that gains root privileges and installs the latest release of SuperSU on Exynos4-based devices.

More from News & Analysis

What is the US HIRE Bill and why is India’s $250-billion IT sector worried? Is the internet dead? What's this theory that OpenAI's Sam Altman says might be true?

The devices compatible with ExynosAbuse include: Samsung Galaxy S2 GT-I9100, Samsung Galaxy S3 GT-I9300, Samsung Galaxy S3 LTE GT-I9305, Samsung Galaxy Note GT-N7000, Samsung Galaxy Note 2 GT-N7100, Verizon Galaxy Note 2 SCH-I605 (with locked bootloaders), Samsung Galaxy Note 10.1 GT-N8000 and the Samsung Galaxy Note 10.1 GT-N8010.

Samsung is yet to confirm the issue so far, and there haven’t been any reports of users being attacked by apps that use the exploit so far—but caution is still advised. Many users will be safe though, as the exploit doesn’t seem to exist on devices that don’t use an Exynos 4 processor. Developer Supercurio has noted that the Nexus 10 doesn’t have the exploit since it uses an Exynos 5 chip.

Supercurio has also released a fix for the vulnerability while users wait for a response from Samsung. More information can be obtained on the Project Voodoo page.

Earlier this month, it was revealed that the app verification that is bundled in Android 4.2 Jelly Bean is severely lacking, as it was only able to detect 15.32 percent of known malware. The data came from a study performed by Xuxia Jiang, an associate computer science professor at NC State University. The experiment used 1,260 samples that have been widely shared with the researching community as well as Google. While running the test on a Nexus 10 tablet running Android 4.2, just 193 out of the 1,260 samples were successfuly detected by the operating system as malware.

For the sake of comparison, researchers had also picked up a sample from each malware family and tested it with other anti-virus engines, including Avast, AVG, TrendMicro, Symantec, BitDefender, ClamAV, F-Secure, Fortinet, Kaspersky and Kingsoft. These anti-virus engines detected from 50 to 100 percent of the malware.