Tired of waiting for Samsung to fix a string of critical flaws in their smartphones running Android, Italian security researcher Roberto Paleari has decided to inform the public about the seriousness of the matter and maybe make the company pick up the pace.
Mindful of the danger that the vulnerabilities present to the users if they are exploited by malicious individuals, he decided not to share any technical details, but to just give a broad overview of what their misuse would allow:
- a silent installation of highly-privileged applications with no user interaction
- SMS sending and changing of various phone settings without the app requiring the permission to do so
- an app performing almost any action on the victim’s phone.
“All these issues were caused by Samsung-specific software or customizations,” he noted. “All the vulnerabilities I reported can be exploited from an unprivileged local application. In other words, no specific Android privileges are required for the attacks to succeed. This allows attackers to conceal the exploit code inside a low-privileged (and apparently benign) application, distributed through Google Play or the Samsung Apps market.”
He admits at being surprised at the length of time it takes for Samsung to patch the vulnerabilities, especially because he believes they are easily fixed. The company replied to him that “any patches [Samsung] develops must first be approved by the network carriers.”
In the meantime, UK blogger Terence Eden has demonstrated another lock screen bypass flaw he found on Samsung Android phones, which allows anyone to completely disable the lock screen and get access to any app.
The lock screen bypass flaw he discovered earlier this month has still not been patched by Samsung, but Bkav has released a patch that not only fixes the flaw, but also takes a photo of anyone trying to misuse the flaw and emails it to the phone’s owner.
UPDATE (March 22): Bkav has developed a patch for the Samsung lock screen flaw disclosed by Eden.