All Samsung smartphones especially its high end range Galaxy devices can be taken over by hackers due to some major flaws in its system, reveals a security report. Although the company has issued an update to fix these vulnerabilities, many users –who are yet to download it – stand at risk.
An Israeli cybersecurity research firm, Viral Security Group, has published a report on the South Korean electronics giant's software shortcomings that allow its smartphones to be on the radar of potential hackers. They say Samsung KNOX, an umbrella name used by Samsung for a collection of security features deployed on its Android devices, has some particular flaws that allow hackers to inject malicious codes into the system.
The researchers used existing kernel vulnerability, known as a write-what-where flaw (CVE-2015-1805), on the Galaxy Note 5 and S6 to show that it can be used to exploit the vulnerability in Samsung's system. The paper sheds light on how these faults allow complete control of Samsung's devices including system access which can be misused for replacing legitimate applications with rogue versions.
Although Samsung has patched the CVE-2015-1805 kernel vulnerability in its May security update there are still a lot of devices that do not have the update. Security updates unlike OS updates are not religiously tracked by consumers. Many older devices do not get these updates in OTA format and users do not take the extra initiative to install them manually.
Samsung has always maintained while seeding its updates that consumer should always maintain their devices by being updated with the latest security patch. So, if you have a Samsung smartphone and have not updated your security patch do so as soon as possible to avoid any risks due to such flaws.