Samsung these days in a politician statement has aforesaid that it's prepping AN update that ought to shut a potential-but-obscure avenue for exploit in its custom keyboard on variety of its most well liked phones.
The update can come back by manner of the safety policy update mechanism in Samsung Knox and not with a full system update, samsung aforesaid in its statement. (And that begs the question why that wasn't wiped out the primary place, if so we'd been waiting on U.S. operators to force a fix.)
Here's what is up. in an exceedingly statement given to mechanical man Central, Samsung says:
Samsung takes rising security threats terribly seriously. we have a tendency to area unit conscious of the recent issue according by many media retailers and area unit committed to providing the newest in mobile security. Samsung Knox has the potential to update the safety policy of the phones, over-the-air, to invalidate any potential vulnerabilities caused by this issue. the safety policy updates can begin rolling call at a number of days. additionally to the safety policy update, we have a tendency to also are operating with SwiftKey to handle potential risks going forward."
The crux of the difficulty came from the approach the language packs in Samsung's keyboard area unit updated. (The language packs area unit a part of the SwiftKey SDK, however the retail version of the SwiftKey keyboard wasn't concerned in any of this in any approach.) If your phone was connected to Associate in Nursing unsecure access purpose Associate in Nursingd an assailant was ready to catch you at the instant your phone was change the language pack, they'd be ready to replace the update payload with one thing wicked. that will need plenty of things to line up promptly, of course. however whereas the exploit is obscure, it's still real and wishes to be fastened.
0 Comments