Earlier this week, it was discovered that the kernel for various popular Samsung devices, such as the Galaxy Note II and the Galaxy S III contained a security hole that exposed owners of affected devices to malicious code that could take complete control of the phone. It wasn’t long before xda-developers were on the case, and reknowned developer Supercurio released a fix for the vulnerability that plugged the hole, but also disabled the device’s front-facing camera.

A Samsung representative spoke with Android Central today, acknowledging the vulnerability and its seriousness, and promising to work quickly to release a fix. Hopefully the update isn’t delayed by carriers’ testing procedures; a security fix like this should be pushed out to every affected device as soon as possible. So if you have a Samsung phone, keep checking for updates, and as always, we’ll let you know when we hear that the fix is being pushed out.

Here’s Samsung’s announcement:

Samsung is aware of the potential security issue related to the Exynos processor and plans to provide a software update to address it as quickly as possible.

The issue may arise only when a malicious application is operated on the affected devices; however, this does not affect most devices operating credible and authenticated applications.

Samsung will continue to closely monitor the situation until the software fix has been made available to all affected mobile devices

Source: Android Central.
Inline Feedbacks
View all comments
Nick Fletcher

Please note: supercurio’s method does not actually plug the security hole, ChainFire had proved this. At the moment the only way to fully mitigate against attacks using this security hole is to is to apply ChainFire’s app which modifies your system:

Or flash one of AndreiLux’s kernels which does a low level patch. With the kernel fix your camera will still work:

His kernels are available in the various development forums on xda, if you’re into that thing I highly recommend them – they’re excellent


My S3 GT-9300T (Vodafone) as of 10.00pm WST has just received an OTA update notification about 8.03MB in size, mentioning something about “improved stability”. Could possibly be the fix. Installing now…(update) Build no. now is JRO03C……DUDLK3. Well, nothing significant noticed…