Google Samsung’s Threat Analysis Group (TAG) has revealed a major security flaw in Samsung smartphones, particularly those equipped with the company’s older processors. The security team claimed that the affected smartphones contained an exploit that could allow hackers to gain unauthorized access and execute arbitrary code. This means that malicious actors could access personal information and even control the device remotely to perform unauthorized actions, such as making payments.
Identified as CVE-2024-44068, the vulnerability was discovered in Samsung phones powered by Exynos 9820, Exynos 9825, Exynos 980, Exynos 990, Exynos 850, and Exynos W920. That means devices like the Samsung Galaxy S10 and Galaxy Note 10 series are affected by the vulnerability, according to The Register. The report says that Samsung has implemented a fix as part of a security maintenance update, which was released on October 7, but it is not compatible with devices that are no longer on Samsung’s regular software update cycle.
“Samsung is committed to providing the highest level of security to our users,” a Samsung spokesperson said in the report. He urged users to keep their devices updated with the latest software.
Xingyu Jin and Clement Lecigene from Google’s security team mentioned that hackers may be actively exploiting the vulnerability in Samsung processors through what they call an “unlocked room,” which allows them to gain greater privileges on the phone and execute code. malicious. The researchers also mentioned that the October patch contains patches for other vulnerabilities that primarily affected media handling processes. They explained that Samsung’s hardware driver processes, specifically for cameras, were attacked where the vulnerability could have allowed hackers to rename processes to hide malicious activity.
What should users do?
If a user has an older Samsung device, particularly with one of the featured chipsets, they should immediately download and install the October security update. In case the device no longer supports a software update, they should consider switching to a new device to ensure that their data and privacy remain intact.
Disclaimer:
The information contained in this post is for general information purposes only. We make no representations or warranties of any kind, express or implied, about the completeness, accuracy, reliability, suitability or availability with respect to the website or the information, products, services, or related graphics contained on the post for any purpose.
We respect the intellectual property rights of content creators. If you are the owner of any material featured on our website and have concerns about its use, please contact us. We are committed to addressing any copyright issues promptly and will remove any material within 2 days of receiving a request from the rightful owner.