Phones

Samsung developing security update to patch keyboard vulnerability

We reported yesterday how a vulnerability in the default keyboard software of millions of Samsung mobile devices could leave users at risk of being targeted by attackers, the vulnerability was discovered and disclosed by Ryan Welton from NowSecure during the Blackhat Security Summit in London. The vulnerability stemmed from the SwiftKey keyboard pre-installed on countless Samsung smartphones which sends searches for keyboard language packs unencrypted and in plain text, leaving the door open for attackers to create spoof proxy servers to inject malicious code remotely.

NowSecure found the vulnerability to be present in devices such as the Galaxy Note 4, Note 3, Galaxy S3, S4, S5 as well as the Galaxy S6 and S6 edgeSamsung has now officially commented on the issue, saying that it takes emerging security threats “very seriously,” and that it’s aware of this particular issue. It’s going to roll out the security update in a couple of days to address this once and for all.

Samsung takes emerging security threats very seriously. We are aware of the recent issue reported by several media outlets and are committed to providing the latest in mobile security. Samsung Knox has the capability to update the security policy of the phones, over-the-air, to invalidate any potential vulnerabilities caused by this issue. The security policy updates will begin rolling out in a few days. In addition to the security policy update, we are also working with SwiftKey to address potential risks going forward.

Via

5 Comments

Sign in »

5
Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

HFL087
HFL087

im kinda happy about that. i would get updated before S6

blaineoliver
blaineoliver

This is a knox update not a OS update, so can be rolled out far quicker than a Note 4 OS fix.

arhu74
arhu74

not that i am concerned about this particular vulneralitity but will this still apply if you are rooted (sgs6)

NoteLove
NoteLove

So as this news reverberates and due to being a security issues they can patch in days. What about my Note 4 lag due to lolipop or the S6 ram issues. This could affect money so they rush out an alleged update in a few days.

arhu74
arhu74

Maybe this was an easy fix