Samsung working on a fix for major security issue with Galaxy phones and tablets

Many Samsung mobile phones are vulnerable to an exploit involving their keyboard and the company is taking steps to solve it

Fri, 19 Jun, 2015 - 01:00

A few days back, security company NowSecure sent out details of a major vulnerability in a range of Samsung tablets and mobile phones. The exploit involved gaining access to the SwiftKey keyboard on the phone while it was connected to an unsecured Wi-Fi network. From there, with the system privileges afforded this keyboard, it was possible for an outside user to access many of the phones functions.

There's a full explanation here- which is very technical - but the shorthand is that it was very bad news for Samsung, especially once details on how to use the exploit were explained online. Now they've responded with news of a fix.

Samsung says an update is on the way over the next few days which will remove the issue. They've also been keen to point out that the exploit requires a very specific set of circumstances to be a major problem: "This vulnerability, as noted by the researchers, requires a very specific set of conditions for a hacker to be able to exploit a device this way. This includes the user and the hacker physically being on the same unprotected network while downloading a language update."

That said, they're obviously concerned about any security issue and an update will be coming soon. They've also said that the Knox security included in most Samsung handsets should make it even harder to take advantage of the loophole.

To make sure you're ready to accept the update when it arrives go to:

Settings > Lock Screen and Security > Other Security Settings > Security policy updates

More news as we get it.