MASSIVE Samsung Galaxy deals during Discover Samsung!

SamMobile has affiliate and sponsored partnerships. If you buy something through one of these links, we may earn a commission.

October security patch fixes serious vulnerability affecting a few Samsung phones

General
By 

Last updated: October 4th, 2019 at 14:20 UTC+02:00

Start following SamMobile on Google News now!
 

Earlier this week, Google’s Project Zero security analysis team revealed that cyber-attackers are exploiting a bug within Android OS, which affects 18 known phone models including three Samsung devices, namely the Galaxy S7, Galaxy S8, and Galaxy S9. The issue stems from a local privilege escalation vulnerability which can give attackers full control over an affected device.

Google’s Project Zero team labeled it a “high severity vulnerability,” but the good news is that a fix has already been devised and will roll out along with the October 2019 security patch. The need for secrecy might be why Google has yet to detail the October 2019 security patch in an official changelog. Either way, the company said its Pixel 1 and 2 will no longer be vulnerable after the update, adding that a patch has also been made available to partners to make sure that the problem doesn’t spread throughout the Android ecosystem.

Samsung already rolling out the October patch

The severity of the bug could also be the reason why Samsung already launched the October security patch for several Galaxy devices, even as the changelog was missing. So far, Samsung released the October 2019 security patch for the Galaxy S10 5G, the Galaxy A20e, Galaxy A50, as well as the A30 and Galaxy J2 Core.

Interestingly, all of these phones sans the Galaxy S10 5G follow the quarterly update schedule, and none of them have been mentioned by the Project Zero team as being vulnerable. Then again, the list of affected devices shared in Chromium isn’t final and there could be more phones that are or have been open to attacks.

The vulnerability is reportedly being exploited by the NSO Group

According to Project Zero, the vulnerability can be exploited either when a user installs an untrusted app, or via a web browser by combining it with another exploit residing in the code that determines how content is being rendered in Chrome.

Project Zero member, Maddie Stone, said there are reasons to believe the vulnerability is being exploited by the NSO Group or its clients. This is an Israel-based exploit developer and is known to sell its malicious product to various governmental bodies. A few years ago the same group was responsible for developing the “Pegasus” spyware for mobile devices, which was designed to jailbreak or root iOS / Android phones and expose private data.

How to keep safe

Because the vulnerability requires either an additional app to open up the exploit or a second exploit within the Chrome web browser for it to work, it shouldn’t be difficult to keep your phone safe even if you haven’t received the October 2019 security patch yet. Just be mindful of what third-party apps you install and refrain from installing apps from untrusted sources. Likewise, you might want to use a different mobile web browser instead of Chrome, at least until the vulnerability will be fully patched.

Via GeneralPhone Galaxy S7Samsung Galaxy S8Samsung Galaxy S9
Load comments

You might also like

Samsung releases new firmware update for the Galaxy S6 series

Samsung releases new firmware update for the Galaxy S6 series

Several old Samsung Galaxy S-series phones were suffering from the GPS issue, which the company has been fixing by delivering updates. Galaxy devices such as the Galaxy S8 from 2017, and the Galaxy S7 from 2016, have already bagged the GPS bug fix update, and now it is time for an even older series, the […]

  • By Sagar Naresh
  • 8 months ago
Samsung releases important update for discontinued Galaxy S7 and S8

Samsung releases important update for discontinued Galaxy S7 and S8

Up until a couple of years ago, even Samsung flagship smartphones only received two major Android OS upgrades and three years of security updates. The company now provides the best software support of any Android OEM. Many devices now receive four Android OS upgrades and five years of security updates. The Galaxy S7 and Galaxy […]

  • By Adnan Farooqui
  • 9 months ago
Four-year-old Galaxy S9 gets a new software update in the US

Four-year-old Galaxy S9 gets a new software update in the US

Samsung has released a new software update to the Galaxy S9 and the Galaxy S9+. Considering that these two phones were released more than four years ago, it is impressive to see them still getting new updates. The latest software update for the Galaxy S9 and the Galaxy S9+ comes with firmware version G96xUSQU9FVB2. The […]

  • By Asif Iqbal Shaik
  • 1 year ago
Samsung Galaxy S9 trade-in values help you ditch your outdated phone

Samsung Galaxy S9 trade-in values help you ditch your outdated phone

It has been four years since the Galaxy S9 and Galaxy S9+ were launched. Samsung sold quite a lot of units across the globe. Countless users are still holding on to their devices but now it’s finally time for them to upgrade. That’s because this week, Samsung has ended all software support for these devices. […]

  • By Adnan Farooqui
  • 1 year ago
Samsung officially pulls update support for the Galaxy S9 series

Samsung officially pulls update support for the Galaxy S9 series

After four years of continuous update support, Samsung has official pulled the plug for the Galaxy S9 and the Galaxy S9 Plus.

  • By Sagar Naresh
  • 1 year ago
Marvel’s Moon Knight series features the Samsung Galaxy S9

Marvel’s Moon Knight series features the Samsung Galaxy S9

We recently reported that a Samsung Galaxy Fold was featured in the second season of Star Trek: Picard. Now, recently the latest Disney+ series, Moon Knight, features a Samsung phone from 2018. The first episode of the Moon Knight series showcases the character using the Samsung Galaxy S9, which was released back in 2018. The folks […]

  • By Sagar Naresh
  • 1 year ago

May 2023 security patch

Galaxy A22 5G gets access to May 2023 security update

  • 11 hours ago

Samsung’s Tab S6 Lite tablet is getting the May 2023 update

  • 1 day ago

Samsung fans get the May 2023 update for the Galaxy Tab S7 FE

  • 1 day ago
May 2023 security patch

Devices

More Devices

Best picks

Best Samsung Phones in May 2023 – Picked by experts

  • 2 weeks ago

Best Samsung Earbuds in 2023

  • 2 weeks ago

Best Samsung Galaxy Tablets in May 2023

  • 2 weeks ago

Best Samsung Watch in 2023

  • 2 weeks ago

Best cheap Android phones 2023 by Samsung

  • 2 weeks ago

Social media

Reviews

Samsung Galaxy M14 review: Affordable 5G-enabled battery life monster

  • 1 week ago

Samsung Odyssey OLED G8 review: Excels in what its meant to

  • 2 weeks ago

Galaxy A34 5G review: Substance over style in an affordable package

  • 1 month ago
More reviews

Notebook

Windows 11 WSA update brings improved multitasking of Android apps to Samsung laptops

  • 13 hours ago

Galaxy Book 3 series is a smashing hit in South Korea

  • 1 day ago

Samsung may be developing an Exynos chip for a Windows on Arm laptop

  • 1 day ago
More notebooks

TV

Time to party! New deal shaves $200 off The Freestyle portable projector

  • 6 hours ago

Samsung’s QD-OLED gets Display Of The Year 2023 award

  • 13 hours ago

Samsung’s 2023 TV lineup gets praised by experts worldwide

  • 14 hours ago
More TV
  • Home
  • News
  • October security patch fixes serious vulnerability affecting a few Samsung phones