Major exploit found in Samsung models using Exynos 4210 and Exynos 4412 processors
Another XDA member named Chainfire has devised a one click root-method using the exploit. Samsung has been notified about the situation and we wouldn't be surprised to find the Korean based manufacturer sending out a patch soon to close this opening.
In the meantime, here is a list of devices that could be affected. Samsung Galaxy S II (GT-I9100), Samsung Galaxy S III (GT-I9300), Samsung Galaxy S III LTE (GT-I9305), Samsung GALAXY Note (GT-N7000), Samsung GALAXY Note II (GT-N7100), Samsung GALAXY Note II Verizon-Locked Bootloader (SCH-I605), Samsung GALAXY Note 10.1 (GT-N8000), Samsung Galaxy Note 10.1 (GT-N8010).
A developer named Supercurio has come up with an instant fix, which needless to say, you use at your own risk. You can find the site, called Project Voodoo, by clicking on this link.
Recently discover a way to obtain root on S3 without ODIN flashing.
The security hole is in kernel, exactly with the device /dev/exynos-mem.
This device is R/W by all users and give access to all physical memory … what’s wrong with Samsung ? […]
The good news is we can easily obtain root on these devices and the bad is there is no control over it.
Ram dump, kernel code injection and others could be possible via app installation from Play Store. It certainly exists many ways to do that but Samsung give an easy way to exploit. This security hole is dangerous and expose phone to malicious apps. Exploitation with native C and JNI could be easily feasible."-alephazin, XDA
source: XDA, TheNextWeb, via AndroidAuthority
1. wendygarett posted on 16 Dec 2012, 22:55 4 33
That's why you shouldn't be so wild to root your device my fellow fandroids :)
3. true1984 posted on 16 Dec 2012, 23:02 18 1
actually this was built into the system.it has nothing to do with rooting. samsung released the phone with a security flaw
4. Droid_X_Doug posted on 16 Dec 2012, 23:06 7 0
Actually, a variation on rooting seems to be a way to plug the hole (until Sammy releases a patch)....
The vulnerability seems to exist regardless of whether the phone has been rooted. All you have to do is install a malicious app that contains code that does the exploit, and your phone belongs to the exploiter. Until a patch is released, I may be putting my phone on airplane mode while it charges overnight.
6. Dr.Phil posted on 16 Dec 2012, 23:12 4 0
I wouldn't worry that much about it, but I would say you should go under your settings and change it so that your applications do not automatically update.
9. Droid_X_Doug posted on 16 Dec 2012, 23:18 1 0
I have been requiring manual updates to apps since I moved to Android back in 2010. Although there is some slight risk that malware was developed before the current publicity. Since my installed apps are from mainstream developers with at least 20,000 installs, I probably have limited (if non-existent) exposure.
5. Dr.Phil posted on 16 Dec 2012, 23:09 1 0
Yes, and I believe that for the most part you would be safe just as long as you don't download or use any applications you suspect to exploit this security flaw. So, for instance, I don't think downloading and playing "Angry Birds" on your phone would open yourself up to this type of hacking. However, if you are the type to download applications from unknown or untrusted publishers then yeah you could have the potential of this happening.
8. sarb009 posted on 16 Dec 2012, 23:16 1 4
Hey wendy i guess u are spoiled kid of a rich father who has nothing to do except posting stupid comments on phonearena all the day or u are a homeless person sitting near a free wifi spot who also has nothing to do. In both cases u should find a job
25. AamirSIII (banned) posted on 17 Dec 2012, 06:26 0 0
dislikes to ur comment show how sound u and ur comment are...
28. networkdood posted on 17 Dec 2012, 22:45 0 0
wendy, you really need to know what you are talking about.
2. darkskoliro posted on 16 Dec 2012, 22:57 1 3
Maybe they shouldnt have posted the news, now all the hackers know. Should have just sent it in and got it patched asap
7. Droid_X_Doug posted on 16 Dec 2012, 23:13 1 0
Somehow, I suspect desire for attention on finding the exploit won out over prudence (notify Sammy and publicize the finding after a patch was released).
10. joey_sfb posted on 16 Dec 2012, 23:22 0 0
Its always good to alert users so they can be more mindful their actions. User need to install the dangerous app which sound like any malware to me. And to code one just for samsung phone is a lack of forth sight to me.
14. Droid_X_Doug posted on 16 Dec 2012, 23:32 0 0
"And to code one just for samsung phone is a lack of forth sight to me."
How so? Between the 2 model CPUs involved, there has to be at least a couple of million vulnerable devices. Sounds like a target-rich environment to me.
12. Joshing4fun posted on 16 Dec 2012, 23:27 3 0
Couldn't this be good in some way? Like used for good, not evil?
13. MeoCao (unregistered) posted on 16 Dec 2012, 23:30 12 1
This is why Android is strong, it has the backing of an enthusiastic community.
Good job XDA
Hopefull SS will have the patch soon.
15. wendygarett posted on 16 Dec 2012, 23:33 2 17
The stronger the android, the more evil the malwares are, you cannot ran away from malware tho, especially in ANDROID!!
16. MeoCao (unregistered) posted on 17 Dec 2012, 00:03 9 2
LOL, we prefer this to weak iOS and weak malware.
18. rusticguy posted on 17 Dec 2012, 01:48 3 0
How big was the "security update" in 2010 as far as Apple was concerned? Security by obscurity is M$ ways of claiming that system is more secure than others
There's a bitdefender article on Apple security in 2010 :)
19. groupsacc posted on 17 Dec 2012, 02:38 1 0
It'd be a good idea to stop installing any apps or even updating existing apps till this is fixed.
Seems like an easy fix, just by removing the offending R/W permission. Samsung should release an apk to run this permission removal as a script asap.
21. XaErO posted on 17 Dec 2012, 03:06 1 0
Well, there is one BAD news and one GOOD.
1. BAD NEWS - Any app can take over the Root level access.
Samsung shall take care of this in upcoming days. So just be cautious while installing any new app even from Google Play store and look-out for the official patch from Samsung.
2. GOOD NEWS - You can root your device using this exploit.
Root your mobile device using the app developed by "Chainfire" (based on this vulnerability) with just one click. It is named as "ExynosAbuse v1.10". It is completely hassle free. This can be useful for those who can take some Risk but do not want to get into tedious "rooting" process.
22. someones4 posted on 17 Dec 2012, 04:31 0 0
Apparently, this thing is for real...Was browsing the internet and an application installed itself and just bricked up my phone. lost all my data.
Anyone knows how to retrieve deleted data? i seldom perform backups
23. wendygarett posted on 17 Dec 2012, 04:49 0 2
If you have dropbox, your photo and pictures will be safe, because dropbox will auto upload all your photo once your data is opened...
That's all I can help, the rest you need to ask someone elae, sorry my friends
30. bluescreen posted on 18 Dec 2012, 07:58 0 0
sounds more like u were surfing porn sites and got hit by a virus lmao....sucks, trying to choke the chicken and they choked ur phone instead!!!
24. redmd posted on 17 Dec 2012, 05:11 0 0
so how does this affect our everyday use of the phone?
26. mariosraptor posted on 17 Dec 2012, 08:36 1 0
i believe Apple is behind every malware for Android. they leak them to attract people to ios
29. networkdood posted on 17 Dec 2012, 22:46 0 0
wouldn't that be something - however...this is all just fiction.