According to a new PCMag report, Mordechai Guri, a researcher and Ph.D. student at Ben-Guarion University (BGU) of the Negev in Israel, uncovered a new critical vulnerability in Knox, which is Samsung's mobile security solution. According to Guri, this vulnerability could enable 'Easy interception of data communications' and he was very surprised that a solution he considers to be state-of-the-art could be so susceptible to an attack.
How does Knox work? The solution adds a 'secure container' to a typical mobile environment in order to protect the data and communications activity that takes place on that device. The goal is to protect all that data and communication inside the secure container even in the case of a malware infection. However...
"The newly found breach can be used to bypass all Knox security measures. By simply installing an 'innocent' app on the regular phone (in the non-secure container) all communications from the phone can be captured and exposed."
Because many businesses and government agencies currently use Knox, Guri says that this vulnerability needs to be addressed immediately. He added that the researchers are also contacting Samsung to provide the details of the breach so that the problem can be fixed ASAP.
While Samsung didn't respond immediately, a company spokesperson went on to explain that the university researchers' exploit "appears to be equivalent to some well-known attacks" and was "conducted on a device that wasn't fully loaded with the extra software that a corporate client would use in conjunction with Knox." They went on to say:
"Rest assured, the core Knox architecture cannot be compromised or infiltrated by such malware."
That remains to be seen, however, as Guri clearly uncovered the vulnerability and the researchers seem very concerned. We'll have to wait and see how this story continues to develop, but one thing is for certain...When you combine an ever-evolving threat landscape with today's shift to BYOD, it's crucial for businesses to protect mobile devices with a powerful security solution that will help prevent data loss and keep the mobile workforce protected.
Microsoft® Windows Insider MVP - Windows Security