Rita El Khoury / Android Authority
TL;DR
Google has discovered a critical vulnerability in certain older Samsung Exynos processors that hackers are actively exploiting. This flaw could allow an attacker to take control of an affected device and remotely access sensitive functionality. Samsung acknowledged the flaw and issued an October security patch to fix it.
Google’s security team has revealed a critical vulnerability in certain Samsung phones, and hackers are already exploiting it. Google’s Threat Analysis Group (TAG) discovered the exploit and detailed how an attacker could leverage a bug in Samsung’s processor to gain unauthorized access and execute arbitrary code on the device. (h/t: Register)
The vulnerability, identified as CVE-2024-44068, targets Samsung mobile processors, including older models such as Exynos 9820, 9825, 980, 990, 850, and W920. This vulnerability can affect a variety of Samsung devices, especially older models such as the Galaxy S10 and Note 10 series. Samsung released the patch as part of its October 7 security maintenance update, but older devices may not be able to take advantage of this protection if they don’t have regular software support.
What is a security flaw?
Imagine that your phone’s memory is a crowded office building. When you’re done working, you’re supposed to close the office door and clean up. But this flaw is like leaving the door wide open after everyone has left. Technically speaking, this is called a “use-after-free” vulnerability. This means that the memory is not cleared properly after the process ends, allowing a hacker to sneak in and take control of your phone.
Google security researchers Xingyu Jin and Clement Lecigene not only discovered this flaw, they also found evidence that hackers are actively exploiting it. They are basically taking advantage of this “unlocked room” to gain higher privileges on your phone and run malicious code.
Interestingly, this isn’t the only security issue Samsung has dealt with recently. The October security patch also targeted five critical vulnerabilities in Galaxy-specific firmware that affect the media handling process. In both cases, Samsung’s hardware driver processes (specifically the camera service) appear to be targeted, and the flaw allows the process to be renamed to obscure malicious activity.
In a statement to The Register, Samsung confirmed it was aware of the issue and said it had begun rolling out a patch through monthly security updates. “Samsung is committed to providing the highest level of security to our users,” a spokesperson said, advising users to keep their devices up to date with the latest updates.
This news is especially concerning for older devices that may no longer receive regular software updates. If your phone is affected and doesn’t receive monthly security patches, you should consider upgrading to a newer model to ensure your data and privacy are protected.
comment
