Security Hole Found in Several Samsung Smartphones
Developer discovered vulnerability in Exynos 4-powered devices, including the Galaxy S2 and Galaxy Note.
A security hole affecting several Samsung devices has been uncovered, which could allow apps to access user data, as well as leaving a smartphone vulnerable to malicious applications and bricking.
Discovered and explained by XDA member "alephzain," the vulnerability derives from the Exynos 4, an ARM-based system-on-chip powering a number of Samsung handsets.
The developer created an exploit which he claimed bypasses system permissions, subsequently allowing any application to obtain data from the device's RAM or inject malicious code into the kernel.
Alephzain stated that he uncovered the vulnerability upon trying to find a new method to root his Galaxy S3. The exploit itself, however, affects the Galaxy S2, Galaxy Note and Meizu MX, while Google's Nexus 10 is unaffected due to the utilization of the Exynos 5 chip.
"The good news is we can easily obtain root on these devices and the bad is there is no control over it," Alephzain said.

In saying that though..
101 of I.T - Stick to reputable sources and you'll be fine.
If the user jumps through all these hoops AND chooses to run insecure code, it's up to him/her to suffer the consequences. It's like clicking on all the porn-related pop-ups on your computer (after willingly disabling your firewall and AV) and then complaining your system is compromised. Good luck with that.
Even so, a factory reset is all it takes for an Android system to recover, giving said moron another chance in doing it all over again or playing it safe.
I, personally, know a thing or two about this, and when I choose to take the riskier path, I know exactly what the pitfalls are. That is the beauty of Android, it allows one to do whatever they want with their phones. The greater the freedoms, the greater the potential risks, but I prefer it that way to a nanny system that tells me what I can and I can not do.
These Zak haters are mindless fools. They claim he is some sort of pro Apple guy, yet ignore the fact he writes even negative articles about Apple, that in fact, as his job is, he simply writes what he is suppose to regardless of whether it is positive or negative. They hate Apple so much they let that hate bleed over and show themselves incapable of reasoned, rationale thought.
If these Zak haters actually read the XDA post where this information was gotten from, they would recognize that the reason it is Samsung prevalent is because of how easy it should have been for Samsung to have noticed these things....
•some samsung apps with basic rights need to access it (I doubt it)
•a huge mistake
A simple patch could be to set permissions to 0660 or 0600 in ueventd.smdk4x12.rc, but I don't know how it would affect samsung applications/services.
Honestly, you Zak haters really need to look in the mirror and ask what's so wrong with yourselves that your blind hatred and obvious bigotry for something can spill over to a person merely doing their job and why it has made you so stupid you can't even click the link to the source material from where the article was taken.
The exploit is a silly driver exposing the whole system RAM as a block device that gives full access to everyone, bypassing all other access controls. All Samsung needs to do is either restrain access rights to that driver or remove it altogether and rewrite the few bits of proprietary software that used it.
Careless mistakes happen everywhere. This one just happened to be bigger than average.
-IvanTO
http://forum.xda-developers.com/showthread.php?t=2050297
Now this particular article I don't have a huge issue with, but there are some faults. If you'd read InvalidError's post, you'd realize that the article is missing some information. It's not a CPU vulnerability, it's a software/driver flaw. Furthermore, and I'm far from being an Android fanboy, by default you can only install stuff from Google Play. So this is not likely to be very threatening to stock phones, and it will probably get patched soon anyway (or you could try the unofficial patch nitto posted).
Also: I don't call him iSlam or anything like that, and I don't agree with the level of vitriol, but people are entitled to their opinion. Even you. Even me. Even otacon! Well maybe not otacon, but still... (just kidding otacon).
Now this particular article I don't have a huge issue with, but there are some faults. If you'd read InvalidError's post, you'd realize that the article is missing some information. It's not a CPU vulnerability, it's a software/driver flaw. Furthermore, and I'm far from being an Android fanboy, by default you can only install stuff from Google Play. So this is not likely to be very threatening to stock phones, and it will probably get patched soon anyway (or you could try the unofficial patch nitto posted).
Also: I don't call him iSlam or anything like that, and I don't agree with the level of vitriol, but people are entitled to their opinion. Even you. Even me. Even otacon! Well maybe not otacon, but still... (just kidding otacon).
Doesn't grant you people the right to bash him in his every post. We're civilized people. Well, if you disliked him, just state it nicely. No need to act around like a little beech, like some of you people did.
http://news.cnet.com/8301-1009_3-57559495-83/suspected-security-hole-found-in-many-samsung-devices/