Samsung Keyboard Bug Makes 600 Million Devices Vulnerable — Morning News

(Click image for larger view and slideshow.).

Devices without the Knox system will be addressed by a later update, Samsung said.

Samsung announced a fix to its keyboard software after a security flaw in Samsung Galaxy smartphones and tablets have left up to 600 million devices at risk from hackers gaining access to personal pictures, messages and applications, according to a mobile security researcher. Channel3000 writes, “the flaw potentially allows hackers to spy on anyone using a Samsung Galaxy phone”.

The likelihood of such an attack being pulled off is incredibly smaller, according to Samsung, which stated it would demand “a pretty certain set of circumstances for a hacker to be able to exploit a device this way”. The user and hacker must physically be on the same unprotected network while a language update is being downloaded. It remains to be seen whether the security updates will be delivered in a similar manner. To this end, Samsung notes that “all flagship models since Galaxy S4 have the KNOX security platform installed and have the KNOX platform protection enabled when you turn the device on”.

NowSecure reported the flaw to Samsung in December 2014 and Samsung developed a patch for the issue earlier this year. With the fast charging feature, a 10 minute charge will assure Galaxy S6 duo users of a 4 hour normal usage battery life. NowSecure claims that Verizon, AT&T, and Sprint have not yet done so. For those users, Samsung promised a firmware update, which will be available “upon completion of all testing and approvals”. The company responded with a generic solution to all the complaints, asking users to factory reset their phones simultaneously. The company has provided quite an unusual solution to this problem: it gave users a free app on the Galaxy Apps store. Samsung and other security companies have warned users of these models to pay extra care to the updates they install on their smartphones. Westin added that many carriers are slow to deploy updates and consumers are not always aware that they need to patch their phones like their computers.


Add Comment