Got a Samsung Galaxy SIII? Maybe a Galaxy Note II? Well listen up because there's a new boogeyman on the loose. According to a thread at XDA Developers, there's an exploit out there that can let Android malware apps get at all your physical memory, for the purposes of stealing your data or deleting it or whathaveyou.
The exploit was found by a user called Alephzain who was able to use it to root his Samsung Galaxy S III, but the flaw also extends to a number of Samsung phones, all of which have certain Exynos processors, a key element to using the exploit. It's working in practice too, another user called Chainfire has already build an apk that can use the "ExynosAbuse" to root a number of devices including:
• Samsung Galaxy S2 GT-I9100
• Samsung Galaxy S3 GT-I9300
• Samsung Galaxy S3 LTE GT-I9305
• Samsung Galaxy Note GT-N7000
• Samsung Galaxy Note 2 GT-N7100
• Verizon Galaxy Note 2 SCH-I605 (locked bootloaders)
• Samsung Galaxy Note 10.1 GT-N8000
• Samsung Galaxy Note 10.1 GT-N8010
It's worth noting the Nexus 10 is safe because it has a Exynos 5 chip instead of a 4.
Users on the thread have reached out to Samsung to share information about the vulnerability, but Samsung has yet to come out and say anything about it. In the meantime, the affected devices are susceptable to all kinds of attack by malware apps. So if you needed another reason to not going around downloading sketchy apps on your GSIII, this ought to do the trick. [XDA Developers via The Next Web]