If you’re using a Samsung Android phone, chances are you use the Kies software that comes bundled with it to update your phone, perform file transfers, sync, and all that. However it has been recently discovered on a blog that despite the Kies’ seemingly innocent and straightforward nature, it did have the potential to allow malicious applications to be installed on the user’s device. An app downloaded from the Google Play store could in theory hijack the “install_packages” permission within the Kies software and could then proceed to install more apps without the user’s knowledge or permission! This exploit can be seen demonstrated in the video above for those who are curious. The good news is that this vulnerability isn’t that big of a deal since apparently it can be patched with a simple OTA update, so hopefully Samsung and other manufacturers who rely on custom UIs will be looking into this issue ASAP!

This article was filed in Homepage > Cellphones and was tagged with Samsung. The story was spotted on phandroid
Like us, and get the best stories

User Comments