Samsung To Fix Keyboard Bug that Puts 600M Smartphones at Risk

Saying it takes all security threats very seriously, Korean handset maker Samsung said it is working on a fix for the vulnerability that occurs when keyboard updates are carried out on Galaxy devices.

In a statement, the firm noted that the vulnerability requires a specific set of conditions for a hacker to exploit a device, including the need for the user and the hacker to physically be on the same unprotected network while downloading a language update. Also, on a KNOX-protected device there are additional capabilities in place such as real-time kernel protection to prevent a malicious attack from being effective, the company noted.

SamsungEUs advice to consumers who have the KNOX security platform installed is to ensure your device automatically receives security policy updates. EUFor the devices that donEUt come with KNOX by default, we are currently working on an expedited firmware update that will be available upon completion of all testing and approvals,EU the company said.

Here's the backstory: Earlier this week, a huge vulnerability was discovered in third-party keyboard software that comes pre-installed on Samsung phones. The glitch reportedly put as many as 600 million mobile device users at risk of being hacked. But the keyboard-maker is saying its hands are clean.

Mobile security firm NowSecureEUs Ryan Welton uncovered an issue in the SwiftKey keyboard that comes bundled with Samsung phones, including the Galaxy S3, S4, S5, S6, and Galaxy Note 3 and 4. SwiftKey bills itself as having an EUautocorrect that actually works.EU The software lets you slide from letter to letter rather than tap the keys.

Good News, Bad News

EUWe supply Samsung with the core technology that powers the word predictions in their keyboard via an SDK, which is distinct from a pre-installed app,EU Nicky Budd-Thanos, U.S. marketing manager at SwiftKey, told us. EUWe are doing everything we can to...

Comments are closed.