07 May 2020

Samsung patches a critical exploit its smartphones had since 2014



In this week's security update, Samsung fixed a security flaw in how the company's Android skin handles the custom image format Qmage (.qmg files). Support for the format, with the bug present, has been available on all of the South Korean giant's smartphones since 2014.

The flaw was discovered (via ZDNet) by security researcher Mateusz Jurczyk of Google's Project Zero, a team of security analysts tasked with finding zero-day vulnerabilities in a wide range of products.

As explained by Mateusz, the issue stems from an Android library named Skia that handles the loading and displaying of various image formats, including the aforementioned Qmage. The way it handles Qmage can be exploited by sending MMS (Multimedia Messaging Service) messages to a Samsung device, where they are received by Samsung's Messages app.

The MMS messages would first try to discover the position of the phone's Skia library, then deliver a Qmage file that executes the attacker's code on the device in question, without any user interaction required.

Mateusz notes that the process takes around 100 minutes, depending on factors such as how fast the user's GSM signal is, the number of messages already on the device, and whether Wi-Fi is enabled.

As for what an attacker gains from a successful attack: as Mateusz demonstrated it, the result is full access to Samsung Messages, which means private user information such as call logs, the contact list, the microphone, storage access, messages and more.

Samsung patched the bug in its May 2020 security update, after Mateusz discovered it and reported it to the South Korean company in February.

Smartphones from other companies don't appear to be impacted by the exploit, as Samsung is the only company to support the custom Qmage format, which itself was developed in Samsung's home country of South Korea.
 
Source: phonearena.com
