If you’re using a Samsung Android phone, chances are you use the Kies software that comes bundled with it to update your phone, perform file transfers, sync, and all that. However it has been recently discovered on a blog that despite the Kies’ seemingly innocent and straightforward nature, it did have the potential to allow malicious applications to be installed on the user’s device. An app downloaded from the Google Play store could in theory hijack the “install_packages” permission within the Kies software and could then proceed to install more apps without the user’s knowledge or permission! This exploit can be seen demonstrated in the video above for those who are curious. The good news is that this vulnerability isn’t that big of a deal since apparently it can be patched with a simple OTA update, so hopefully Samsung and other manufacturers who rely on custom UIs will be looking into this issue ASAP!
- 2014-04-11: Galaxy S5 PayPal Fingerprint Support Disabled By Verizon
- 2014-04-11: T-Mobile Offering BlackBerry Users $200 To "Upgrade" To Samsung
- 2014-04-11: Samsung Galaxy S5 Will Be Region-Locked As Well
- 2014-04-11: Leaked HTC One M8 Training Doc Compares It To The Galaxy S5
- 2014-04-10: Samsung Galaxy S5 Stability Update Arrives Prior To Global Launch