Android flaw leaves Samsung vulnerable, users charge - grillomurds1936

A suspected fault in how Samsung Electronics has implemented the Android's core in several of its devices could allow a malicious application program to gain total control over the device.

The exposure was described on Sat by the user "alephzain" on XDA Developers, a forum for floating developers. IT affects devices using the Exynos processor models 4210 and 4412. Alephzain wrote that the issue was a "big misidentify." (See also "Mobile Malware: It's poor now, merely volition be worsened in 2012.")

By Sunday, other developer on the forum, Chainfire, had posted an Android application package (.apk) file out that will with success feat the vulnerability.

"You should be very afraid of this exploit," Chainfire wrote. "Any app terminate use it to gain etymon without interrogative and without any permissions on a vulnerable device."

Affected devices include versions of Samsung's S2 and S3 mobile phones, the Galaxy Note and Note II, Galaxy Note Plus and Galaxy Note 10.1, according to the post by Chainfire.

Hackers have progressively targeted the Mechanical man OS, construction applications that appear benign but can contain encipher that can steal data from a twist or perform new malicious actions. Google has responded to the rise of poisonous Humanoid applications by implementing an automated electronic scanner in its Play marketplace to detect malicious ones.

But unvetted Android applications abound or so the internet, posing a risk to users. Security system vendors have found malicious applications that send SMS messages to superior value numbers and ones that intercept one-metre passcodes for banking applications.

Samsung officials did not take up an immediate comment.

Send news tips and comments to jeremy_kirk@idg.com. Follow me on Twitter: @jeremy_kirk