phone, tablet, samsung electronics, android

Millions of Android devices, including Samsung, appear to have been left vulnerable by a major security leak. This isn’t as much a vulnerability as it is an actual leak of a critical component used by device manufacturers who rely on Android OS.

More specifically, Android OEMs, including LG, Samsung, and others, have had their platform signing keys leaked. A signing key ensures that the version of Android on a device is legitimate. In addition, the signing key can be used by individual apps, meaning that Android will trust any app that shares the same signing key as the operating system. (via @maldr0id / 9to5Google)

In theory, this can allow a malicious party to attach malware to a trusted app and go unnoticed. It wouldn’t matter if a new app version contains malware. As long as the app is signed using the same key as the OS, it would be considered a trusted update, regardless of whether it came from the Galaxy Store, the Play Store, or other sources. That is, in theory. Google claims that no such vulnerable apps have made it onto the Play Store, which is good news.

Samsung already took measures to minimize risks

Aside from Samsung, other mobile brands affected by this security leak are LG, MediaTek, szroco, Revoview, and there may be others.

The issue was originally reported in May 2022, and thankfully, Google says that Samsung (and other manufacturers) have “taken remediation measures to minimize the user impact.” The statement is a bit fuzzy, and it’s unclear which apps are still vulnerable to this security issue or to what extent. But measures were set in place to minimize the risk of getting malware. And thankfully, Google also said that the exploit hasn’t been found in any apps available through the Play Store, and ensured that Play Protect offers a layer of security against these vulnerabilities.

In any case, it seems like the best way to avoid problems caused by this security leak is to not sideload apps from third-party websites for a while.

NEWS RELATED

Latest Windows 11 beta brings cloud storage settings to Galaxy Book

Microsoft is rolling out two new beta builds for Windows 11 laptops and PCs, and you can install them on your Galaxy Book. Windows 11 beta build 22623.1180 is rolling out with new features, while the Windows 11 beta build 22621.1180 update brings features that are turned off by default. ...

View more: Latest Windows 11 beta brings cloud storage settings to Galaxy Book

Galaxy A52s 5G’s January 2023 update brings Maintenance Mode

Samsung has released the January 2023 security update to many smartphones and tablets. Now, the company has released a new update to the Galaxy A52s 5G as well. The latest Galaxy A52s 5G software update comes with firmware version A528BXXU1DWA4. The update comes with the January 2023 security update ...

View more: Galaxy A52s 5G’s January 2023 update brings Maintenance Mode

Carrier-locked Galaxy Z Flip grabs January 2023 security update in the US

The Galaxy Z Flip was one of the first devices to get the January 2023 security patch. However, back then, Samsung rolled out the update only to the international LTE and the 5G variants of the device. Today, the company is making the January 2023 security patch available for ...

View more: Carrier-locked Galaxy Z Flip grabs January 2023 security update in the US

Galaxy XCover Pro, XCover 5 get January 2023 security update

Samsung started rolling out the January 2023 security patch to its smartphone right from the first day of the year. So far, the company has pushed the latest security update to many Galaxy S, Galaxy Note, Galaxy M, Galaxy A, and Galaxy Z series devices. Now, Samsung has started ...

View more: Galaxy XCover Pro, XCover 5 get January 2023 security update

You can no longer use Google Voice Smart Reply on your Samsung phone

With the latest update to Google Voice, Google has removed the Smart Reply feature from the app. This feature is no longer supported on your Samsung or any other Android phone. Also, this feature isn’t available on iOS either. Google added the Smart Reply feature to Google Voice last ...

View more: You can no longer use Google Voice Smart Reply on your Samsung phone

Galaxy Z Fold 4 gets served with January 2023 security update

Earlier today, we reported that the Galaxy Z Flip 4 has started getting the January 2023 security update. Now, even the Galaxy Z Fold 4 has started getting Samsung’s newest security update in various African, Asian, and European countries. The latest software update for the Galaxy Z Fold 4 ...

View more: Galaxy Z Fold 4 gets served with January 2023 security update

Galaxy M31 starts getting January 2023 security update

The Galaxy M31, being more than two years old now, currently has a biannual security status. It means the phone is eligible to receive at least two security updates every year, and today, the phone is receiving one. The latest update for the Galaxy M31 (SM-M315F) brings January 2023 ...

View more: Galaxy M31 starts getting January 2023 security update

Check out the features of the new Bespoke 4-Door Flex with Family Hub+

At CES 2023, Samsung launched its Bespoke AI Oven and Bespoke 4-Door Flex, both powered by Family Hub+ and the most recent SmartThings Cooking capabilities. These devices have enhanced AI capabilities and a new level of customization to help with your daily chores. Particularly noteworthy is the new Bespoke ...

View more: Check out the features of the new Bespoke 4-Door Flex with Family Hub+

Xiaomi phone with Samsung E6 OLED breaks Android display brightness record

Galaxy S20 FE gets January 2023 security update

Samsung is reportedly making OLED displays for iPad Pro, MacBook Pro

Galaxy S10 5G gets January 2023 security update

Third-party Twitter apps are now officially dead

Samsung’s new OLED screen can be folded inward and outward

Daily Deal: Samsung’s most stylish flash drive gets 63% price cut

US pricing has leaked for Samsung’s Galaxy S23 series – it’s good news

One UI: I much prefer default icon colors to palette-matching ones

Galaxy Tab S6 Lite (2020) gets Android 13 One UI 5.0 update

SmartThings Galaxy Watch update brings new smart home controls

First post-Android 13 update to Galaxy A72 brings January 2023 security patch

OTHER NEWS