A couple of days ago, we learned a new software vulnerability within Samsung’s hardware courtesy of a member of the thriving XDA-Developer forums, and at the time, it was classed as a kernel level exploit providing the perfect breeding ground for malicious apps to access physical memory of devices affected. Today, Samsung has stepped out and confirmed the existence of the vulnerability, stating its intent to address the situation as a matter of urgency.
The Korean consumer electronics giant released a statement over at AndroidCentral, in which the company notes its awareness of the security flaw – which is related to the Exynos processor – and fully intends to release a software update "to address it as quickly as possible."
It looks as though the exploit affects those running devices featuring Samsung code on Exynos 4210 and 4412 processors, which would exemplify the all LTE versions of the Galaxy S III in the United States. Samsung was also quick to point out that in the meantime, so long as users stick to running legitimate apps from reputable sources, the chance of the exploit causing any damage is next to none.
Android devices get a bit of a hard time when it comes to malware, so it certainly does not help when instances like this arise. With that said, Samsung has been prompt in its response, and as such, the likelihood of this situation escalating is very low indeed.
Last fall, it emerged that malware on Android had risen by a staggering 472% in just a few months, and this year, malware has risen once again – this time by 580%. The same report that brought about the colossal figure for this year also concluded that, at the time of the report, as many as 23 apps on the Play Store’s Top 500 List were deemed as "unsafe" for users.
It’s certainly a problem, and with figures seeming to rise, it’s no wonder Lookout Mobile Security estimates as many as 18 million devices could be affected by malware throughout 2013. Some would argue that the numbers are relative to the growth of Android as a whole, and be that as it may, if the figures are still not acceptable at a time when consumer awareness on security and privacy is perhaps as high as it has ever been.