Saturday, January 05, 2013

Samsung pushes out Exynos vulnerability fix for U.K. Galaxy S IIIs

Samsung has confirmed it is pushing out an OTA ROM update to U.K. Samsung Galaxy S III handsets that will close a vulnerability noted in mid-December by an independent developer. Samsung acknowledged the issue a few days later and promised that an official patch was in development.

Notably, this fix is only for U.K. Galaxy S III devices. The vulnerability appears to affect devices running a Exynos 4210 or 4412 processor, and has been confirmed on Galaxy S II, III, Note II and the Meizu MX as well, but not just in the U.K.

The exploit allows read / write access to all physical memory on the device, which makes for an easy root, but also makes for a relatively easy way to take over the device.

There's still no timeline on when Samsung will roll out fixes to other carriers and devices, but at least U.K. GS3 owners can rest easy. There are, however, third-party fixes that are already available for those not in the U.K. and using a different affected device. The alternative fix is just a simple APK install.

Meanwhile, for once U.S. Samsung owners can be happy they were shortchanged. Because of incompatibilities with LTE, U.S. Galaxy S III devices were shipped with a Qualcomm Snapdragon S4 processor instead, so there is no concern over the vulnerability there.

However, U.S. Samsung Galaxy Note II owners are not so lucky. Those devices sport Exynos processors.

No comments: