In his blog post, he detailed how the vulnerability can be exploited once a hacker controls the network which the device is connected to, such as local and wireless networks.
Samsung said Friday no hacks have been reported after a tech security firm reported 600 million Galaxy smartphones had a problematic keyboard.
The vulnerability seems to come from a Samsung version of Swiftkey which comes standard with Galaxy S6, S5 and other Galaxy devices.
Potential malware can access the device as its stock keyboard, the SwiftKey’s predictive keyboard, updates itself.
Samsung Galaxy devices vulnerable to the keyboard exploit issue can now fix the problem through activating a security feature in the handset’s settings.
“The likelihood of making a successful attack, exploiting this vulnerability is low”, the company said in a statement. In this case, a bigger battery was required, so Samsung loaded the J7 with a 3000 mAh power pack.
The flaws were revealed this week by security company NowSecure’s researcher Ryan Welton, after he found he could hack into user’s Samsung phones pre-loaded with SwiftKey keyboards, whilst the phone was updating or downloading new language packages.
The latest Samsung Galaxy S6 is viewed as the most powerful smartphone in the world but it is not flawless in any way.
The security policy update will be pushed to the user. Samsung, the South Korea-based phone maker, has just announced two new smartphones that are aiming to attract the customers who take a lot of selfies. When the fix is available, users will be prompted to agree to the security update.
Ordinary Samsung Galaxy owners aren’t the only ones at risk here, of course; last autumn the National Security Agency officially approved Samsung Knox devices for official government use.
Devices without the Knox system will be addressed by a later update, Samsung said. It will be an update to the Galaxy Note 4, and if rumors are true, Samsung wants to get it out in August to beat out Apple’s next release of an update iPhone, according to TechRadar.