Samsung Users, Keep Your Eyes On The Software Update Section Of Your Phone

Source: The Register Samsung Users, Keep Your Eyes On The Software Update Section Of Your Phone

The Thing About Zero Days Is That The Patch Always Comes Later

Those who use Samsung phones should be cautious over the next few days, until Google can create a fix for yet anther new exploit.  The problem is in the hardware and can be used to first escalate privileges and then remotely execute arbitrary code on your phone.  While the official CVE doesn’t suggest it is being actively exploited, several researchers at Google have made use of it already, adding it to an attack making use of several other flaws.  While those particular flaws aren’t mentioned the context suggests they are already known and patched.  Check to see if you have any outstanding updates and check it frequently until this new patch is released.

This 8.1 out of 10 CVSS uses a flaw in memory management and how the device sets up page mapping, allowing an attacker to launch code from within the privileged cameraserver process.  To make life more difficult, once the modified code manages to make itself at home, it renames itself to the valid vendor.samsung.hardware.camera.provider@3.0-service.  So far no official word from Google nor Samsung apart from the CVE, hopefully that will change soon!

The Register reached out to Samsung for more information about the flaw and in-the-wild exploits, but did not immediately receive a response. We will update this story when we hear back.

Video News

About The Author

Jeremy Hellstrom

Call it K7M.com, AMDMB.com, or PC Perspective, Jeremy has been hanging out and then working with the gang here for years. Apart from the front page you might find him on the BOINC Forums or possibly the Fraggin' Frogs if he has the time.

Leave a reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Latest Podcasts

Archive & Timeline

Previous 12 months
Explore: All The Years!