Update: Samsung has told Android Central that it is “currently in the process of conducting an internal review” into the matter.
Earlier: Samsung is in a security mess yet again. After the September’s remote full wipe hack, now a XDA user is reporting that Samsung Galaxy S III, Note II and other devices running Exynos 4210 or 4412 processors are vulnerable to a kernel exploit.
This exploit allows the attacker to gain root access on the device. The phones are open to attack even from the apps downloaded via Google Play. Malicious apps from Play store can perform kernel code injections, take RAM dumps and do many other tasks, which I am sure, none of you would want.
Samsung has been reportedly made aware of the issues, although they have not released any official comment regarding the same.
XDA member supercurio has also released a fix for the exploit, which can be downloaded from here and works even for the non-rooted phones.
