The vulnerability is a Same Origin Policy (SOP) bypass in the Samsung Internet browser, which comes pre-installed on millions of Samsung Android devices worldwide, and it allows attackers to steal data from other websites the victim is logged into.
Identified as CVE-2017-17692, the bypass affects Samsung Internet Browser version 5.4.02.3 and earlier. The SOP is the security boundary that lets pages from the same site communicate with each other while preventing unrelated websites from doing so. In slightly more technical terms, JavaScript running in one origin (the scheme, host and port of a website) should not be able to read or modify the properties of a document from another origin.
Because the stock Samsung Internet Browser fails to enforce this boundary, anyone who uses it is exposed to attacks including theft of data (passwords or cookies, to name a few), session hijacking, and reading and writing webmail on the victim's behalf. Essentially, the attacker can run custom JavaScript in the context of any domain, provided the victim visits the attacker-controlled web page first.
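To make the boundary concrete, here is an added example (not code from the original post, and not the Samsung bypass itself, which the post does not detail) that models the origin comparison a browser must perform before letting script in one document touch another document's properties. The URLs, the `webmailTab` object and the `attacker.example.net` page are constructed sample inputs; the `readCrossDocument` helper is a stand-in for the browser's internal access check.

```javascript
// Added example: a model of the Same Origin Policy check, not the Samsung
// browser's code. All URLs and documents below are constructed samples.

const DEFAULT_PORTS = { "http:": "80", "https:": "443", "ws:": "80", "wss:": "443" };

// Reduce a URL to the (scheme, host, port) tuple the SOP compares.
// Path, query and fragment are deliberately ignored.
function originOf(urlString) {
  const u = new URL(urlString);
  if (!(u.protocol in DEFAULT_PORTS)) {
    // Opaque schemes (about:, data:, javascript:) get a unique "null" origin,
    // so nothing is ever same-origin with them.
    return null;
  }
  return {
    scheme: u.protocol,
    host: u.hostname.toLowerCase(),
    port: u.port || DEFAULT_PORTS[u.protocol], // WHATWG URL drops default ports
  };
}

function sameOrigin(a, b) {
  const oa = originOf(a);
  const ob = originOf(b);
  if (oa === null || ob === null) return false;
  return oa.scheme === ob.scheme && oa.host === ob.host && oa.port === ob.port;
}

// Simulated cross-document property access. A browser that enforces the SOP
// returns the value only for same-origin callers; otherwise it throws the
// kind of SecurityError a real browser raises. A bypass is any path that
// reaches the return statement without passing this check.
function readCrossDocument(callerUrl, targetDoc, property) {
  if (!sameOrigin(callerUrl, targetDoc.url)) {
    throw new Error(`SecurityError: ${callerUrl} may not read ${property} of ${targetDoc.url}`);
  }
  return targetDoc[property];
}

// Constructed sample: a webmail tab the victim is logged into, and a lure page.
const webmailTab = { url: "https://mail.example.com/inbox", cookie: "session=abc123" };
const attackerPage = "https://attacker.example.net/lure.html";

function demo() {
  // Same-origin script (explicit :443 equals the default port) may read the cookie...
  const ok = readCrossDocument("https://mail.example.com:443/settings", webmailTab, "cookie");
  // ...while the attacker's page must be refused.
  let refused = false;
  try {
    readCrossDocument(attackerPage, webmailTab, "cookie");
  } catch (e) {
    refused = true;
  }
  return { ok, refused };
}
```

The checks that matter in practice are the ones people get wrong: a different scheme (http versus https), a different subdomain, or a non-default port each yield a different origin, while path and query do not. The impact described above follows directly from the model: if the browser lets the attacker's page reach `return targetDoc[property]` for the webmail document, the session cookie and everything else on that page are readable.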
A patch has since been released and is bundled into Samsung's latest phone offerings, but there are still phones out there which haven't been patched. Samsung's stock browser remains a popular choice for users around the world, and a single compromise could harm not only the user in question but also other people connected with that user. If you think you are using an unpatched Samsung phone with the stock browser, we advise not using it on your work network, as it may have catastrophic effects on your organisation.
The first step is to update your phone to the latest firmware (which includes the patch) and to use a different mobile browser (Google Chrome or Mozilla Firefox are good choices). Unless it is an absolute necessity, do not log in to personal accounts from an unpatched phone using the stock Samsung browser.
About IntelliTeK Pty Ltd
IntelliTeK is a managed IT services company in Sydney, Australia. With major vendor relationships and accreditations from the world’s leading IT companies including WatchGuard, Microsoft, Trend Micro and Amazon Web Services, IntelliTeK have kept clients happy since 2007.
IntelliTeK are always up to date with the latest cloud backup solutions which is why we only partner with the best in the industry. If your company isn’t fully equipped to fend off cyber criminals, then get in touch with us so we can discuss your options. Call us on 1300 768 779, email us at info@intellitek.com.au, fill out the web form, or have a Live Chat with us below.