Samsung regularly rolls out new security updates to Galaxy devices, addressing dozens of vulnerabilities across various system apps and components. Some devices receive updates every month, while others receive them less frequently. A security firm recently detailed two common vulnerabilities identified on Galaxy devices.
Samsung takes action against two common security threats on Galaxy phones
Security research company Lookout recently published its third quarterly mobile security report for 2024. The extensive report highlights two widespread vulnerabilities that could compromise the security of Galaxy devices if the patches aren’t installed.
The first vulnerability, identified as CVE-2023-21433-21434, is linked to the Galaxy Store. It allowed hackers to install malware-containing apps and execute malicious code. This could even include running JavaScript by launching web pages. Samsung resolved this issue with the Android13-based One UI 5.0 update.
All Galaxy devices that have been updated to One UI 5.0 or newer, or shipped with a newer version, are safe against this issue. However, users still running Android 12 are vulnerable, and Samsung seemingly can’t help. it’s best to upgrade to a newer phone. Until then, users should remain vigilant and avoid installing unwanted apps or visiting dubious web pages.
The other vulnerability, identified as CVE-2021-25337, is found in the Text-to-Speech feature. It enables hackers to gain control of the Android system when users install untrusted apps and grant read and write permissions for local files. Samsung has also recently fixed this vulnerability. Once again, users can remain safe by staying away from untrusted apps.
According to Lookout, the mobile industry saw a 17% increase in enterprise-focused credential theft and phishing attempts since Q2 2024. Additionally, the firm reported a 32% rise in malicious app detections. It also highlighted a notable trend of iPhones becoming more exposed to phishing and web content threats. You should always install the latest security patches and avoid downloading apps and files from untrusted sources.
