Security researchers at Google have discovered that Android manufacturers don't do much to improve the security of the ecosystem, especially if they're adding custom skins and software to the operating system.
The team at Google analyzed Samsung's Galaxy S6 Edge, running Android 5.1 with TouchWiz, and found 11 "high-impact security issues" that were relatively easy to find during a week's work. The idea was to see how an OEM device differs from a Nexus device running stock Android in its security, and the results shouldn't come as a huge surprise.
One of the vulnerabilities the researchers discovered in the S6 Edge related to a process that scanned for and automatically unzipped a file in a certain location. Samsung wasn't verifying the file path, however, which allows an attacker to write files to an unexpected system location.
An issue in Samsung's email client was uncovered that made it easy to forward a user's emails to another account. Another issue in the email client allowed JavaScript embedded in the message to be executed.
A further three issues were discovered in Samsung's device drivers, and another five in Samsung's image processing software, which allowed an attacker to escalate their privileges in a variety of areas. Some attacks could have originated from a single image file, and in other cases from an unprivileged application.
When Google notified Samsung of the issues with their handset, the company responded promptly, and has already patched most of the issues in the latest October Maintenance Release. Three lower-severity issues remain unpatched, although a November patch is expected to address these vulnerabilities.
While Google was impressed at how quickly these issues were addressed, it's obviously not ideal to have OEMs introducing vulnerabilities into the operating system with their dodgy code. Devices with stock Android remain the most secure on the market today, so if you want to keep your device safe, it's probably best to buy a Nexus