Software update reportedly fixes Samsung's Exynos security hole

Update being rolled out to owners in the U.K. addresses vulnerability in select Samsung devices that allowed access to user data.

Samsung's Galaxy Note 2.
Samsung's Galaxy Note 2. Josh Miller/CNET

Samsung has issued a software update to address a nasty vulnerability found in a handful of smartphones that allowed attackers access to user data and left the handset vulnerable to malicious apps and bricking.

The vulnerability, which was discovered last month , lies in Exynos 4, the ARM-based system-on-a-chip typically found in Samsung smartphones and tablets. An exploit bypasses the system permissions, allowing any app to extract data from the device's RAM or inject malicious code into the kernel of a Galaxy S3. But other devices using the Exynos 4 were also found to be vulnerable, including select Galaxy S2 models, the Galaxy Note, the Galaxy Note 2, and the Galaxy Tab 2 tablet.

Samsung issued a software update for the S3 yesterday in the U.K. that fixes the problem, according to a SamMobile report. The update is also said to fix a "sudden death" issue that caused some devices to seize up, though that was unconfirmed.

There was no word on when U.S. users could expect the update. CNET has contacted Samsung for more information and will update this report when we learn more.

About the author

Steven Musil is the night news editor at CNET News. Before joining CNET News in 2000, Steven spent 10 years at various Bay Area newspapers.

 

Join the discussion

Conversation powered by Livefyre

Don't Miss
Hot Products
Trending on CNET

HOT ON CNET

See the world with Smithsonian Channel iOS app

Watch free videos and full episodes of original series and documentaries with the new app.