Samsung's most popular mobiles could be vulnerable to app-based attacks, according to a XDA developer, he discovery a security risk in Samsung's own-brand Exynos 4 processor.
XDA Developers member "alephzain" says they found the problem when investigating new ways to root the Samsung Galaxy S3. The vulnerability lies within Samsung's Exynos 4 chip, and noted that a Play Store app could potentially access information from the phone's RAM or even inject malicious code directly into its kernel. It has also been reported that the vulnerability could affect all devices that are equipped with a Exynos 4210 or 4412 processor and utilize Samsung's kernel.
"RAM dump, kernel code injection and others could be possible via app installation from Play Store", alephzain writes. The Galaxy S2 and Galaxy Note 2 could also play host to the same security hole. The good news is we can easily obtain root on these devices", the original post reads, "and the bad is there is no control over it".
It seems users have been able to plug the hole with some industrious tinkering, though adjusting the smart phone's code appears to be disabling the S3's camera. Luke at CNET contacted Samsung about the reported vulnerability and he will post an update.
When Samsung was brought attention to this problem, they posted the following message.
"We are currently in the process of conducting an internal review".
We hope Samsung will post a fix to this soon.