We kept talking about Android malware these days, with various reports from security firms coming out to suggest that even more Android devices will be affected by malicious apps next year.

In addition to these reports, we have a new exploit discovery to show you, via xda-developers, that could prove to be harmful for various 2012 flagship Samsung products including the Galaxy S3 and Galaxy Note 2, but other devices that pack Exynos chips also.

xda user alephazin has discovered a vulnerability in Exynos processors version 4210 and 4412 that essentially allows any Android app to access and control the whole device:

Recently discover a way to obtain root on S3 without ODIN flashing.
The security hole is in kernel, exactly with the device /dev/exynos-mem.
This device is R/W by all users and give access to all physical memory … what’s wrong with Samsung ? […]
The good news is we can easily obtain root on these devices and the bad is there is no control over it.
Ram dump, kernel code injection and others could be possible via app installation from Play Store. It certainly exists many ways to do that but Samsung give an easy way to exploit. This security hole is dangerous and expose phone to malicious apps. Exploitation with native C and JNI could be easily feasible.

Moreover, user Chainfire has already managed to come up with a one-click root method based on this exploit – called Exynos Abuse. And Samsung has been notified about the whole issue.

The company is yet to offer an explanation for this potentially harmful exploit, so meanwhile we’ll just list some of the devices that could be affected, at least in theory, by malicious apps that would target this exploit:

  • Samsung Galaxy S2 GT-I9100
  • Samsung Galaxy S3 GT-I9300
  • Samsung Galaxy S3 LTE GT-I9305
  • Samsung Galaxy Note GT-N7000
  • Samsung Galaxy Note 2 GT-N7100
  • Verizon Galaxy Note 2 SCH-I605 (with locked bootloaders)
  • Samsung Galaxy Note 10.1 GT-N8000
  • Samsung Galaxy Note 10.1 GT-N8010.

We’ll be back with more news once we have it.