Samsung has promised to release a software patch to fix the security glitch, which was reportedly found in keyboard app.
Just a few days ago, a report carried out by a mobile security firm NowSecure had claimed that Samsung devices (including the flagship Galaxy S6 series) numbering more than 600 million across the world were vulnerable to get hacked due a security hole in Swiftkey app.
If flaw is left un-fixed, hackers can install malicious apps to gain access to personal details (pictures & messages) without users' ever knowing that their device has been comprised. They can even track incoming/outgoing calls/SMSs and also have the ability to tamper phone's apps and functionality.
Taking cognisance of the NowSecure's report, Samsung has acknowledged the security flaw, but vehemently downplayed the level of severity of the risks raised by mobile security firm.
The South Korean company said that hackers have a very small window to make an attack and that too under some extraneous conditions being that user and the attacker are physically in the "same unprotected network while downloading the language update (for Swiftkey app)".
Samsung noted that high-end Galaxy series phones, which come pre-loaded with KNOX need not worry of getting hacked as the security application has real-time kernel protection, thus preventing any attack to become effective.
That being said, Samsung has announced that the company will take all security issue minor or major very seriously and would release a software patch in coming days to all devices with KNOX security systems in coming days.
All major Samsung handsets (after Galaxy S4) come with KNOX app turned on including Security Enhance feature for Android, which enforces a number of mandatory security settings on the device.
The security policy update will be deployed via OTA (Over-The-Air) and users are advised to activate the Automatic Updates option by going to:
Settings > Lock Screen and Security > Other Security Settings > Security policy updates>> turn on Automatic Updates option.
Since the OTA updates are released in phases, it will take some time to reach all corners of the world. Until then, users can check for update manually.
Follow the same path above and go to 'Check for updates' tab to manually retrieve any new security policy updates.
Other Samsung handsets, which don't come with KNOX, will have to wait a few more days to get the update. As of now, no Samsung devices have been reported to have been compromised.
