Samsung says the likelihood of successful attack is low since the user and hacker have to physically be on the same unprotected network while downloading a language update.
Further, all Samsung flagship models since the Galaxy S4 are protected with the KNOX security platform, which provides real-time kernel protection and requires advanced capabilities for SwiftKey attacks to be effective. Samsung and other security companies have warned users of these models to pay extra care to the updates they install on their smartphones. When the updates are completed and made available, they will be automatically pushed out to Galaxy smartphone users, according to Samsung. Samsung, the South Korea-based phone maker, has just announced two new smartphones that are aiming to attract the customers who take a lot of selfies. However, the update, which is version 5.1.1, is only currently being released to one percent of the mobile carrier’s users, GSM Arena reported.
On Samsung’s end, there have been no recorded keyboard exploit cases.
So this security vulnerability is in a program that comes pre-installed on every Samsung Galaxy device, cannot be un-installed, and leaves you vulnerable even if you never use it. Ryan Welton, a mobile security researcher with NowSecure, wrote that the firm first notified Samsung in December 2014 of the flaw, along with the United States Computer Emergency Readiness Team (CERT) and Google’s Android security team.
In a public statement following the disclosure of NowSecure, SwiftKey said that it has only found out about the flaw when the cybersecurity firm pointed it out. However, they acknowledged that there was a risk and said there would be an update to security policy “in the coming days”. Knox is Samsung’s security software, and can prevent malicious code from running.
Samsung also said it would work closely with its partners, including SwiftKey, to “address potential risks going forward”. “Also, it isn’t easy for the Samsung mobile device user to tell if the carrier has patched the problem with a software update”, NowSecure said in a report on its website.