Knox security layer Samsung was affected a large KnoxOut vulnerability to take control of mobile devices.
To encourage professionals to turn to its Android mobile devices, Samsung Group has developed a Knox layer of security in addition to the natural protection of the Google mobile OS.
Presents a number of touchscreen smartphones and tablets, it is one of the arguments of the Korean group to counter the success of iOS devices in the enterprise. But ensure flawless security on such an open platform and rich Android is not an easy task and the Samsung Knox layer has been more or less faulted.
The KnoxOut vulnerability is more serious because it allowed to obtain full control of mobile devices using the overlay. Discover the security company Viral Security Group, she used another existing loophole to circumvent security, says Wired.
The researchers exploited a privilege escalation mechanism (referenced as CVE-2015-1805) in the RKP Module (Real Time Kernel Protection) which allowed them to disable the defenses up and run their own code, giving them full access to the terminals.
From there, it became possible to install malware and replaced by legitimate applications that can recover corrupted versions IDs and passwords without the user noticing.
The method of Viral Security Group has been presented in a publication after patch deployment by Samsung, which recalls the importance of regularly updating mobile devices to benefit from the latest fixes vulnerabilities.
0 comments:
Post a Comment