Samsung Galaxy S6 and Other Samsung Devices Affected by Serious Security Vulnerability!

Samsung’s reputation is in trouble: it has just been revealed that a large number of smartphones made by the company, including its latest flagships, the S6 and S6 Edge, are affected by a serious security vulnerability that puts users of the devices at risk. According to reports, the flaw could allow attackers to gain access to a user’s private data, including their audio conversations, text messages, and stored photos.

NowSecure, a US-based company that specializes in security, was the first to go public with the flaw, which is apparently rooted in the application SwiftKey, a keyboard replacement that comes installed by default on Samsung’s latest smartphones.

The language pack update system of the keyboard tool can apparently be exploited to give an attacker access to the user’s system, and subsequently a lot of control over the device. The update system apparently runs with no encryption whatsoever, and it contains a flaw that opens the door to arbitrary code execution.

The problem, however, isn’t just caused by SwiftKey itself – normally, the app shouldn’t be able to wreak so much havoc on a user’s system, but the specific way in which Samsung are distributing it on their devices is the real problem here. According to security reports, since the app is treated as part of the operating system by Samsung, they have signed it with their own private signing key, and they allow it to run as a “system user”, which basically allows it to do as much as most system applications in Android.
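The combination described above (code running as the system user that also fetches data over the network) can be looked for in any firmware image. The following is an added example, not code from NowSecure, Samsung or the original article. It assumes the manifests have already been decoded to text XML, uses constructed manifests with hypothetical package names, and relies on the standard Android convention that an app joins the system user by declaring `android:sharedUserId="android.uid.system"`.

```python
import xml.etree.ElementTree as ET

ANDROID = "{http://schemas.android.com/apk/res/android}"

# Constructed sample manifests (decoded text XML); package names are hypothetical.
PREINSTALLED_KEYBOARD = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.vendor.keyboard"
    android:sharedUserId="android.uid.system">
  <uses-permission android:name="android.permission.INTERNET"/>
  <application android:label="Keyboard"/>
</manifest>"""

STORE_KEYBOARD = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.thirdparty.keyboard">
  <uses-permission android:name="android.permission.INTERNET"/>
  <application android:label="Keyboard" android:usesCleartextTraffic="false"/>
</manifest>"""


def audit_manifest(xml_text):
    """Extract the privilege-relevant facts from one decoded AndroidManifest.xml."""
    root = ET.fromstring(xml_text)
    perms = {p.get(ANDROID + "name") for p in root.iter("uses-permission")}
    app = root.find("application")
    # Assumption: a missing usesCleartextTraffic attribute means cleartext is
    # allowed, which is the platform default for apps targeting below API 28.
    cleartext = app is None or app.get(ANDROID + "usesCleartextTraffic", "true") != "false"
    return {
        "package": root.get("package"),
        "system_uid": root.get(ANDROID + "sharedUserId") == "android.uid.system",
        "network": "android.permission.INTERNET" in perms,
        "cleartext_allowed": cleartext,
    }


def needs_review(finding):
    """System-user code with network access: any flaw in how it handles
    downloaded data is exercised with system privileges."""
    return finding["system_uid"] and finding["network"]


if __name__ == "__main__":
    for manifest in (PREINSTALLED_KEYBOARD, STORE_KEYBOARD):
        f = audit_manifest(manifest)
        flag = "REVIEW" if needs_review(f) else "ok"
        print(f["package"], flag, "cleartext allowed:", f["cleartext_allowed"])
```

A package flagged here is not necessarily vulnerable; it is one whose update and download paths deserve priority in a review, because a bug there has system-level impact.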

Worst of all, a user doesn’t even have to perform any specific actions themselves in order to trigger the vulnerability. All they have to do is reboot their device or simply leave it running until SwiftKey decides to perform an update on its language packs. These update checks are performed regularly every few hours, and this makes the vulnerability pretty serious.

The problems continue once we dig deeper into the issue, as the way the app is installed in the system makes it impossible for users to uninstall it, and even if a user downloads an alternative keyboard replacement and uses that instead, the problem persists. SwiftKey will continue trying to search for updates in the background even when it’s not the default keyboard application, and the user will be just as vulnerable in that case. For the time being, there seems to be no reliable way to prevent the application from getting attacked, other than applying a security fix.
