If you have a Samsung Galaxy device, you need to check your smartphone for the availability of a new security update and install it as soon as available…

Samsung’s latest security update for its Galaxy devices is critically important—it includes fixes for Android security vulnerabilities that include one potential remote code execution and another escalation of privilege. Simply put, these are vulnerabilities enabling malware to control all or part of your device.

A couple of weeks ago the update became available for the new S24 flagship in the US, then later the S23 joined the club—albeit the usual patchwork quilt approach applied. Regions and networks and models created a complex update schedule.

Although “users can rest assured OS upgrades will include up-to-date security patches when delivered,” Samsung continues to warn that “while we are doing our best to deliver the security patches as soon as possible to all applicable models, delivery time of security patches may vary depending on the regions and models.”

You can confirm whether your device will receive the monthly update here.

We have now seen the March security fixes for the S22, S21 and some newer but non-premium Galaxy models; you should check whether the update has been applied to your device and that it is set up to install automatically as soon as available.

There’s little to choose between the latest Samsung Galaxy and Apple iPhone models—but this is one of those areas. The two companies dominate the global premium handset market between them, but while Apple controls its ecosystem end-to-end, Samsung relies on its Android foundations, which impacts security updates for millions of users. And that issue hits those users in two key ways.

First, the complex update schedule that combines Samsung and Android updates and which varies by model, region, and network. The simple fact is that users can’t see that critical updates have been fixed and immediately install an update.

Contrast that with the everyone, everywhere approach Apple takes. This is further exacerbated by delays to updates, as we have seen in recent months, causing users more concern as they play a wait-and-see game with their phone’s security.

The second issue makes all this worse—and that’s the higher risk nature of Android versus iPhone. Here, Google is continually narrowing the gap—but that gap is still too wide and too easily exploited. This year alone we have seen multiple security warnings as malware is discovered in the wild attacking devices.

And while Google assures that “Android users are automatically protected against known versions of this malware by Google Play Protect, which is on by default on Android devices with Google Play Services. Google Play Protect can warn users or block apps known to exhibit malicious behavior, even when those apps come from sources outside of Play,” such malware often finds its way onto the Play Store.

The latest Android warning came out just days ago, with IBM discovering a malicious malware-laced app “making itself invisible so the victims can’t detect it, [with] a new technique to hide its icon that we have never seen financial malware use before.”

And so, in addition to installing the March update as soon as it hits their device model/region/network, Samsung users need to abide by the five golden rules when it comes to the software they load onto their devices between those updates:

  1. Stick to official app stores—don’t use third-party stores and never change your device’s security settings to enable an app to load.
  2. Check the developer in the app’s description—is it someone you’d like inside your life? And check the reviews, do they look legitimate or farmed?
  3. Do not grant permissions to an app that it should not need: torches and star-gazing apps don’t need access to your contacts and phone. And never grant accessibility permissions that facilitate device control unless you have a need.
  4. Never ever click links in emails or messages that directly download apps or updates—always use app stores for installs and updates.
  5. Do not install apps that link to established apps like WhatsApp unless you know for a fact they’re legitimate—check reviews and online write-ups.