Samsung has confirmed that there are serious security vulnerabilities to its flagship phones, which include Galaxy S8, S9, S10, S10 Plus, S10 5G, Note 9, Note 10 and Note 10 Plus. A total of 21 security issues have been discovered, three of which have been deemed as ‘high’ by Samsung. 17 of the issues are related with the ‘One’ user interface of Samsung while four issues are concerning Android OS.
In this article, we have listed everything you need to know about these issues and how to take precautionary measures to work around them.
Security vulnerabilities of Samsung Galaxy
Samsung security maintenance release (SMR) is being released for all users of Galaxy phones. The latest SMR has patches from Google, which impact Galaxy users (regardless of the fact they are old or new). Amongst these vulnerabilities, there are a few security issues that exclusively affect the users of Galaxy 8 and Galaxy 9, possibly because they are relatively older smartphones. One of the Galaxy 9 vulnerability is labelled as critical, named SVE-2019-15435.
This vulnerability also affects Note 9 but extensive details have not been shared by Samsung for now to protect the users against any attacks until new SMR patches are installed. On its official website, Samsung has only shared the following information with its users,
“Enhancement in IMEI security mechanism is required for improved protection against potential IMEI manipulation.”
Because around 30 million Galaxy 9 ad 10 million Galaxy Note 9 devices have been sold worldwide till now, this vulnerability leaves 40 million people at high security risk.
Although Samsung updates are not always perfect but to keep your Galaxy phone safe especially if you have Galaxy 9 or Note 9, you should install the new update just as becomes available on your device. As the vulnerabilities of these devices are made public, hackers will try to get into your phone and exploit you.
Security vulnerabilities of Android
Security issues of Android seem be occurring at a faster pace than ever, this year. The reported issues of Android for the month of September have been highest this year, which is alarming for Android users. The issue with Android named CVE-2019-2215 lets attacker get access to Android devices, physically or remotely, and control them.
Google Android security update
The October 2019 patch by Google Android has been rolled out on October 8, to help users in keeping their phone secure. The patch is right now available for Google phone users but will soon be available for other affected smartphones too. If you want to check whether the security patch is available for you to download or not, follow these steps:
- Go to your phone’s settings
- Search for ‘system update’
- If an update is available, download it
Your phone will now have the latest security patch from Android and will potentially save it from being attacked by hackers. According to the security researcher, Sean Wright, “Users should patch as soon as they can” as the vulnerability leaves their phones at the mercy of hackers otherwise. John Opdenakker who is an ethical hacker also sided with Wright that Android users should be installing the update as soon as it becomes available to them.
Checklist to keep your phone secure
To further keep your Android phone safe from any future security hacks, take a look at this brief checklist:
- Don’t install apps outside the App Store
- Download an anti-virus
- Always check the ‘permission requests’ that an application makes when you download
- Don’t visit websites that seem fishy or don’t have SSL certification