Security flaw affects millions of Samsung Galaxy smartphones. It is recommended to quickly install the latest manufacturer update.
Specialized in cybersecurity, the company Kryptowire has discovered a major security flaw in Samsung smartphones. It concerns many brand devices that run on Android 9, 10, 11 or Android 12; that’s millions of devices. The Galaxy S22, Galax S21 and models from the Galaxy A range are particularly affected.
The flaw lies in the “Phone” application which is pre-installed on all Samsung phones. According to Kryptowire, this app embeds “an insecure component that allows local applications to perform privileged operations without the user’s permission”. In concrete terms, a hacker is able to take control of the device using a rogue application that exploits the vulnerability. It may then be able to reset the device, make phone calls without your knowledge or even install and uninstall applications. All of these tasks can be done without action from the phone owner.
“Have you ever thought that someone else has access to your phone? Unfortunately, you may be right”, explains Alex Lise, technical director of Kryptowire. He assures in passing that mobile applications represent an increasingly attractive target for hackers. The firm was notably able to exploit the flaw on the Galaxy S21 Ultra, Galaxy S10 + and Galaxy A10e are concerned. If other models are targeted, this is however not the case for Samsung devices that run on versions prior to Android 9. Thus, a device under Android 8 is not vulnerable.
Quickly install the update on your Samsung Galaxy
The flaw is not new since it was identified as early as November 2021. Alerted by Kryptowire, Samsung finally corrected this vulnerability via the February 2022 security update. It is therefore important to update update your device, if you haven’t already.
To do this, simply go to the Settings of your Samsung smartphone. You can then go to Software update (Where About the device) and check if an update is available or already installed.