Software update reportedly fixes Samsung's Exynos security hole

Update being rolled out to owners in the U.K. addresses vulnerability in select Samsung devices that allowed access to user data.

Steven Musil Night Editor / News

Steven Musil is the night news editor at CNET News. He's been hooked on tech since learning BASIC in the late '70s. When not cleaning up after his daughter and son, Steven can be found pedaling around the San Francisco Bay Area. Before joining CNET in 2000, Steven spent 10 years at various Bay Area newspapers.

Expertise I have more than 30 years' experience in journalism in the heart of the Silicon Valley.

See full bio

Steven Musil

Jan. 3, 2013 4:55 p.m. PT

Samsung's Galaxy Note 2. Josh Miller/CNET

Samsung has issued a software update to address a nasty vulnerability found in a handful of smartphones that allowed attackers access to user data and left the handset vulnerable to malicious apps and bricking.

The vulnerability, which was discovered last month, lies in Exynos 4, the ARM-based system-on-a-chip typically found in Samsung smartphones and tablets. An exploit bypasses the system permissions, allowing any app to extract data from the device's RAM or inject malicious code into the kernel of a Galaxy S3. But other devices using the Exynos 4 were also found to be vulnerable, including select Galaxy S2 models, the Galaxy Note, the Galaxy Note 2, and the Galaxy Tab 2 tablet.

Samsung issued a software update for the S3 yesterday in the U.K. that fixes the problem, according to a SamMobile report. The update is also said to fix a "sudden death" issue that caused some devices to seize up, though that was unconfirmed.

There was no word on when U.S. users could expect the update. CNET has contacted Samsung for more information and will update this report when we learn more.

Mobile Guides

Phones

Foldable Phones

Headphones

Mobile Accessories

Smartwatches

Wireless Plans

Mobile coupons