Mateusz Jurczyk, one of Google’s cyber security experts, detected a critical vulnerability in February last year, affecting Samsung smartphones and has been around since 2014. Samsung closed this gap with the May security patch.
South Korean technology giant Samsung does not intend to lose the title of the biggest smartphone manufacturer in the world. In this context, the company confronts consumers with new smartphone models on the one hand, and on the other hand, it continues to publish software updates of its existing smart phones and tries to keep its customers always up-to-date and secure. Now the company has addressed a vulnerability that has put phones at risk since 2014.
Samsung branded smartphones started supporting an image format called “Qmage” in 2014. However, Google’s security researcher Mateusz Jurczyk found that an Android library called “Skia” with Qmage support and this support actually caused a huge vulnerability. As a result of research and studies, this vulnerability was quickly resolved.
Studies by Mateusz Jurczyk reveal that the vulnerability in question is a 0-touch vulnerability. Images in Qmage format on the phone were directed to the Skia library. Moreover, this referral was not under user control. In other words, this referral was made even though the users did not know. Jurczyk said that it is sufficient to use Samsung’s Messages application to exploit this vulnerability.
Vulnerability could be exploited in just 100 minutes
Jurczyk has sent repeated MMS to a smartphone to exploit Samsung’s vulnerability. These MMS messages were trying to access the phone’s Skia library every time, which resulted in circumventing the ASLR protection of the Android operating system. As a result, attack codes could be overrun and run on the device.
Speaking of the attack process in his statements on the subject, Jurczyk says he needs about 100 minutes and 50 to 300 MMS to bypass ASLR protection. In addition, the cyber security specialist states that the owner of the phone will not be aware of this attack, which means that the vulnerability is too risky. Fortunately, Samsung has addressed this vulnerability.
Although it has been around since 2014, the security vulnerability that was detected and reported to Samsung last February was resolved after the studies of Samsung engineers. If you are using a Samsung branded device and the security patch that the company offers for May, is installed on your phone, we can clearly state that this vulnerability does not affect you.