Superuser app vulnerabilities detailed as devs race to deliver fixes

Advertisement

We all know that rooting your Android carries with it a certain level of risk. Once that door is opened, though, we try to mitigate any impact by using superuser apps that act as bouncers, only granting that high-clearance access to apps deemed necessary by us, the users. At least, that’s how we expect them to work, but a number of vulnerabilities have recently been uncovered in some very popular superuser apps, potentially allowing malicious software to sidestep the protections they offer.

Affected apps include the ChainsDD Superuser, the Koush Superuser, and older versions of Chainfire SuperSU. SuperSU has already been updated to secure itself against these exploits, and the Koush Superuser is mostly fixed, with just one of several bugs still outstanding. The ChainsDD one, on the other hand, isn’t expected to be updated at all, and users should probably find something new.

If you’re interested in keeping your device safe – especially now that these exploits have been made public – make sure you’re on the very latest version of your superuser app, and maybe even consider using SuperSU until Koush is 100% fixed.

Source: XDA-Developers forum
Via: Android Police

Advertisement

What's your reaction?
Love It
0%
Like It
0%
Want It
0%
Had It
0%
Hated It
0%
About The Author
Stephen Schenck
Stephen has been writing about electronics since 2008, which only serves to frustrate him that he waited so long to combine his love of gadgets and his degree in writing. In his spare time, he collects console and arcade game hardware, is a motorcycle enthusiast, and enjoys trapping blue crabs. Stephen's first mobile device was a 624 MHz Dell Axim X30, which he's convinced is still a viable platform. Stephen longs for a market where phones are sold independently of service, and bandwidth is cheap and plentiful; he's not holding his breath. In the meantime, he devours smartphone news and tries to sort out the juicy bitsRead more about Stephen Schenck!