Keyboard bug leaves 600M Samsung Galaxy devices exposed to hackers

Keyboard bug leaves 600M Samsung Galaxy devices exposed to hackers
June 18, 2015 - 11:09 AMT

PanARMENIAN.Net - A vulnerability in Samsung’s Android keyboard installed on over 600m devices worldwide could allow hackers to take full control of the smartphone or tablet, The Guardian reports.

The security bug revolves around the update mechanism of the built-in keyboard, which looks for language updates for trending phrases either daily or weekly.

“The keyboard was signed with Samsung’s private signing key and runs in one of the most privileged contexts on the device, system user, which is a notch short of being root,” said researcher Ryan Welton from security company NowSecure who discovered the hole.

The problem was discovered last year. NowSecure told Samsung about the bug in December. Samsung asked NowSecure to keep the discovery under wraps until it could patch the problem. Google’s Android security team was also notified.

However, six months on it is unclear whether the patch is out. Samsung started that process in early 2015, but unlike Apple’s direct model of software updates, is beholden to mobile phone providers to push out updates to their users.

It is unclear whether that has happened and on what scale users have updated their devices.

Photo: Samsung
Related links:
The Guardian. Samsung keyboard bug leaves 600m Android devices exposed to hackers
 Top stories
Yerevan to host WCIT 2024Yerevan to host WCIT 2024
Yerevan will host the 2024 edition of the World Congress On Information Technology (WCIT).
Armenia moves to tax profits from Facebook, GoogleArmenia moves to tax profits from Facebook, Google
Rustam Badasyan said due to the lack of such regulation, the state budget is deprived of VAT revenues.
Krisp raises $5m A round for its voice-isolating algorithmKrisp raises $5m A round for its voice-isolating algorithm
Krisp’s smart noise suppression tech silences ambient sounds and isolates your voice for calls.
Board Chairman։ Top officials have demanded Ucom alienationBoard Chairman։ Top officials have demanded Ucom alienation
Gurgen Khachatryan claimed that the "illegalities have been taking place in 2020."
Partner news
 Articles
Revolut launches in Armenia

Fast and free money transfers, no hidden fees

 Most popular in the section
Ralph Yirikian to take over Ucom as CEO; Ara Khachatryan stepping down
Viva-MTS +Premium offers additional 30 GB, Yandex Plus subscription
Global Banking & Finance Review names Ucom as Armenia’s best telecom company
300 partners to arrive in Yerevan for Harmony Meetup 3.0 by Fastex
Home
All news
Overview: IT & Technology
Archive for June 18, 2015
Other news in this section
 Latest news
Narek Manasyan wins European Boxing Championships silver for Armenia Armenia’s Narek Manasyan (92kg) won Armenia’s second silver medal at the European Boxing Championships 2024 on April 28.
Blinken urges Azerbaijan to continue negotiations with Armenia Secretary of State Antony J. Blinken has urged Azerbaijani President Ilham Aliyev to continue negotiations with Armenia.
Pashinyan, Blinken talk Armenia-U.S. ties over the phone Prime Minister Nikol Pashinyan had a phone conversation with US Secretary of State Antony Blinken on April 28, Pashinyan’s office reports.
Titus, Bilirakis lead legislation to sanction Azerbaijani war criminals Representatives Dina Titus (D-NV) and Gus Bilirakis (R-FL) have introduced the bipartisan legislation.
---