If you’re using a Samsung Android phone, chances are you use the Kies software that comes bundled with it to update your phone, perform file transfers, sync, and all that. However it has been recently discovered on a blog that despite the Kies’ seemingly innocent and straightforward nature, it did have the potential to allow malicious applications to be installed on the user’s device. An app downloaded from the Google Play store could in theory hijack the “install_packages” permission within the Kies software and could then proceed to install more apps without the user’s knowledge or permission! This exploit can be seen demonstrated in the video above for those who are curious. The good news is that this vulnerability isn’t that big of a deal since apparently it can be patched with a simple OTA update, so hopefully Samsung and other manufacturers who rely on custom UIs will be looking into this issue ASAP!
Filed in Samsung.. Read more about