It’s official, Samsung is the new Adobe

I keep thinking “this will be the last time I post about a big security hole in a Samsung product”, but Samsung just can’t seem to stop giving me material.

Here’s two more for the pile:

First, the appetizer:  Samsung Smart TVs can be remotely exploited

This isn’t an Earth-shattering security hole, since there’s not a lot of valuable data on most Internet connected TVs, however it is possible that this could be used against a TV installed in a company’s waiting area.  Then imagine the attacker is able to install a bit of code that lets him pivot from the TV to probe the company’s network for other vulnerabilities.  Did the IT department sequester the TV to a safe subnet, or is it just plugged in with everything else?

Now, the main course:

Lax security on Samsung’s mobile processor allows for complete memory access

This one’s really bad.  The memory location within the kernel has basically no protection on it, so a maliciously crafted app can completely take over the phone or tablet.  Details are still emerging at this point, but if the reports are accurate there needs to be a patch issued for this immediately.  Of course being an Android issue, the patch will take anywhere between two and eight months to be approved for release by the carriers.

I hadn’t planned on getting any Samsung devices in the near future, but now I’m certain to avoid them.



Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s