Using an old Samsung phone? Your device could be at risk from a serious vulnerability


Rita El Khoury / Android Authority

TL;DR

  • Google discovered a severe vulnerability in certain older Samsung Exynos processors that hackers are actively exploiting.
  • The flaw allows attackers to gain control over affected devices, potentially accessing sensitive functions remotely.
  • Samsung has acknowledged the flaw and issued an October security patch to fix it.

Google’s security team has just revealed a severe vulnerability in certain Samsung phones, and hackers are already exploiting it. Google’s Threat Analysis Group (TAG) uncovered this exploit, detailing how attackers are leveraging a bug within Samsung’s processors to gain unauthorized access and execute arbitrary code on devices. (h/t: The Register)

The vulnerability, identified as CVE-2024-44068, affects Samsung’s mobile processors, including older models like Exynos 9820, 9825, 980, 990, 850, and W920. It could impact a variety of Samsung devices, especially older ones like the Galaxy S10 and Note 10 series. Samsung has released a patch as part of its October 7 security maintenance update, but older devices might miss out on this protection if they lack regular software support.

What is the security flaw?

Imagine your phone’s memory as a busy office building. When a task is finished, it’s supposed to close its office door and clear out. But this flaw is like leaving the door wide open after everyone leaves. Technically speaking, it’s called a “use-after-free” vulnerability. This means the software can still reach a piece of memory after a task has finished with it and released it, allowing hackers to sneak in and potentially take control of your phone.

Google’s security researchers, Xingyu Jin and Clement Lecigne, not only discovered this flaw but also found evidence that hackers are actively exploiting it. They’re essentially using this “unlocked room” to gain higher privileges on your phone and execute malicious code.

Interestingly, this isn’t the only recent security issue Samsung has addressed. October’s security patch also targeted five critical vulnerabilities in Galaxy-specific firmware that affected media handling processes. In both cases, Samsung’s hardware driver processes — specifically for camera services — appear to have been targeted, with the flaw capable of renaming processes to obscure malicious activity.

In a statement to The Register, Samsung confirmed its awareness of the issue and said that it had begun rolling out patches through its monthly security updates. “Samsung is committed to providing the highest level of security for our users,” a spokesperson stated, advising users to keep their devices up-to-date with the latest updates.

This news is especially concerning for older devices that might no longer be receiving regular software updates. If your phone is affected and no longer receives monthly security patches, you should consider upgrading to a newer model to ensure your data and privacy remain protected.
