Order the just-launched Galaxy Fold7, Flip7, or Watch8 Classic – New deal Galaxy S25 Ultra
Last updated: January 4th, 2023 at 10:34 UTC+01:00
SamMobile has affiliate and sponsored partnerships, we may earn a commission.
Reading time: 2 minutes
On the Android side, the January 2023 security patch doesn't contain any fixes for vulnerabilities marked as “Critical” or “Moderate.” However, it mentions over 50 “High” vulnerabilities that were addressed, along with three CVE items included in previous updates.
As usual, Samsung has offered more details for fixes concerning vulnerabilities that affect its own software. An out-of-bound read vulnerability was patched with proper boundary check logic. An improper input validation vulnerability in TelephonyUI that would allow attackers to configure “Preferred Call” was fixed, and the patch removed unused code.
Furthermore, a hardcoded encryption key vulnerability in NFC was fixed by adding proper usage of random private key API to prevent key exposure. And an improper access control vulnerability in telecom applications was fixed with access control logic to prevent sensitive information leaks.
Among other SVEs, the January 2023 security patch also fixes a Knox Service vulnerability concerning Permissions or Privileges. The patch also adds restrictions that lock the Secure Folder container when PIP is closed. In other words, the vulnerability allowed the Secure Folder container to remain unlocked under certain conditions.
Mihai is a blogger and column writer at SamMobile. His first Samsung phone was an A800 which took a lot of beating, and a part of him still misses the novelty of the clamshell design. In his free time, he enjoys watching shows, documentaries, and stand-up comedy; listening to music, taking walks, and occasionally playing old(er) video games.
Trending
We'd like to show you notifications for the latest important news and updates