A Samsung spokesperson has given Android Central an updated statement on its plans to fix the recently-discovered Exynos kernel vulnerability issue. In today's update, the company has indicated that it's aware of the problem and is preparing to move forward with software updates to remedy the situation on affected devices "as quickly as possible." Samsung also confirms what we already knew about the nature of the exploit, specifically that a specially-coded malicious app is required to take advantage of it. (As we mentioned a few days back, if you're not downloading sketchy apps, you probably don't have much to worry about.)
Here's Samsung's statement in full --
Samsung is aware of the potential security issue related to the Exynos processor and plans to provide a software update to address it as quickly as possible.
The issue may arise only when a malicious application is operated on the affected devices; however, this does not affect most devices operating credible and authenticated applications.
Samsung will continue to closely monitor the situation until the software fix has been made available to all affected mobile devices.
The exploit, which was discovered over the weekend, could give a malicious app to free reign over an affected device's RAM, allowing it to take complete control of the device. Over the weekend, popular phones like the Galaxy Note 2 and international Galaxy S3 and Galaxy S2 were found to be vulnerable to the exploit. Given that sales of those devices are measured in the tens of millions, it isn't surprising to see a swift response from the manufacturer.
In the meantime, there are third-party fixes already available for those worried about falling foul of malware based upon this vulnerability.
- Related devices:
- Filed under: