Does anyone know when we can expect a hot fix for this security issue? Is it recommended to not download any apps until a fix is pushed out?
Samsung Galaxy S3, Galaxy Note 2 security fix in the works | Expert Reviews
Wow, NT6X, thank you for posting this.
Very interesting reading through all of the referenced downstream links.
The first article does say Samsung is aware and working on a fix--I'm sure its a pretty big deal for them since it affects so many devices, but that probably lengthens the time it will take to have a fix for your specific device.
They (Samsung) is probably also weighing the likelihood of a malicious app (coming from a non-Market source) that might implement this. If you stick to well-known apps from well-known sources, you should be fine.
There are apparently ways to install a patch to close the exploit, but it basically involves rooting your device (you can unroot it afterwards, though and let the patch in-place).
Very cool post, though!
edit: also, non-root temporary fix is available: http://project-voodoo.org/articles/instant-fix-app-for-exynos-mem-abuse-vulnerability-no-root-required-reversible
, but it may impact your ability install an OTA update (especially ones pushed-out to address / fix the exploit
), so all due caution is advised.