Over 600 million Samsung Galaxy devices are at risk of being hacked, courtesy of a vulnerability uncovered by researchers. Even the most recent offerings from Samsung such as the Samsung Galaxy S6 are said to affected. A remote attacker could potentially control a user's network traffic to execute harmful code on the user's phone.
The security vulnerability, first uncovered in November 2014, arises from SwiftKey keyboard that comes pre-installed on a number of Samsung devices. The keyboard which cannot be disabled or uninstalled allows hackers easy access to users' devices. Hackers can exploit the vulnerability even when the SwiftKey keyboard is not set as the default option.
Attackers have the ability to to extract personal information and data stored on the smartphone, including credit card information, photos, videos, and messages. A hacker could also take control of apps that have been installed, install more malware without knowledge of the owner and gain access to the device's camera, sensors and microphone.
Samsung will be releasing an update to address a vulnerability found in the SwiftKey keyboards that are pre-installed in the company's smartphones. The patch will be received by users through the security policy update mechanism of Samsung KNOX, and not through a complete update to the system of the affected smartphones.
Samsung added that the update to the security policy of its smartphones will begin to roll out within a few days, and that the company is currently in discussions with SwiftKey regarding other possible issues that may present themselves in the future.
Affected users are recommended to avoid connecting to unsecure Wi-Fi networks in the meantime. Device owners that downloaded the SwiftKey app as a retail version are said to be unaffected by the vulnerability.
0 comments:
Post a Comment