Samsung to patch vulnerability affecting over 600 million smartphones

Samsung has confirmed that it will deploy a security update in the comings days to address a vulnerability that affects over 600 million of its smartphones. Discovered by U.S. mobile phone security firm NowSecure, handsets including the Galaxy S6, Galaxy S5 and Galaxy S4 are susceptible to hijacking due to an issue with the pre-installed keyboard, SwiftKey.

"This vulnerability, as noted by the researchers, requires a very specific set of conditions for a hacker to be able to exploit a device this way," wrote Samsung on its official blog. "This includes the user and the hacker physically being on the same unprotected network while downloading a language update."

"There have been no reported customer cases of Galaxy devices being compromised through these keyboard updates. But as the reports indicate, the risk does exist and Samsung will roll out a security policy update in the coming days."

Samsung smartphone owners will enable to automatic security policy updates. This can be done by opening the settings app, selecting "lock screen and security", "other security settings", "security policy updates" and ensuring "automatic updates" has been activated.

In the meantime, Samsung smartphone owners should avoid the use of public or insecure wireless networks.

Leave a Reply