Samsung has this week confirmed security vulnerabilities that affect Galaxy S8, S9, S10, S10e, S10 Plus, S10 5G, Note 9, Note 10 and Note 10 Plus users as the October routine security maintenance release (SMR) rolls out to users of Galaxy devices.
In all, there are some 21 security issues covered; 17 related to Samsung’s “One” user interface and four concerning Android. Here’s what you need to know and what you need to do.
The Samsung Galaxy specific security warnings
The October SMR includes patches from Google, which affect Galaxy 10 users as well as those with earlier devices from Samsung. There are also a whole bunch of vulnerabilities that specifically impact Galaxy 8 and Galaxy 9 device users. Amongst these, there is a Galaxy 9 vulnerability that is rated as being critical: SVE-2019-15435.
This affects both the Galaxy S9 and Note 9, although details are sketchy as to the exact technical nature of the vulnerability as it has been “privately disclosed” to protect users until patches are installed. With around 30 million Galaxy 9 smartphones sold, and another 10 million Galaxy Note 9 devices, that’s a potential 40 million users who need to take notice of this warning.
What is the critical Galaxy 9 and Note 9 vulnerability?
What is known about SVE-2019-15435? As I say, not a lot. The only information that Samsung has published is as follows: “Enhancement in IMEI security mechanism is required for improved protection against potential IMEI manipulation.” It has been suggested this relates to a method of circumventing the IMEI blacklist which prevents stolen devices from being easily resold.
Anything that gets around this kind of protection makes the devices involved more attractive to criminals who could get a better profit by selling them on with a “clean” IMEI number.
Should you update now?
While, just as with updates for Microsoft Windows that have a history of going wrong, Samsung updates are not always perfect, you should still update as soon as possible. Putting off installing the latest updates means your smartphone remains vulnerable. Once vulnerabilities are disclosed, it doesn’t take long for the criminals to get cracking and hacking, with exploits tailored to each. You know what you need to do.
Click on the comment box below and leave us your thoughts. Thank you.