The community at xda continues to beaver away on rooting any and all Android handsets, which is nice, but one user has stumbled across a worrying security exploit in some Exynos-based devices.
User Alephzain discovered that the Samsung Galaxy S III kernel, for one, allows read/write access to all physical memory - including the kernel. Oh dear.
The good news is that the discovery allows the Samsung Galaxy S III to be easily rooted without flashing with Odin.
The bad news is that it leaves the Samsung Galaxy S III open to attack. Malicious apps could potentially wipe data, brick devices, or quietly steal user info.
Exynos devices thought to be at risk include the Samsung Galaxy S III, Samsung Galaxy Note 2 and Meixu MX, though – in the worst case – the exploit might extend to any device with an Exynos 4210 or 4412 processor.
Excellently, user Supercurio has developed a fix for the vulnerability, with no need to root or flash. Lovely. The only downside being that the Samsung Galaxy S III’s front camera is disabled, though the fix can easily be toggled on/off.
Samsung has yet to comment, though in September it quickly responded to fears that the Samsung Galaxy S III could be remotely restored to default.