Following on from the statement we received earlier today relating to the security issue on Samsung smartphones, Samsung has posted more information about the security flaw on their official blog.
Samsung has basically said that the potential risk to their smartphones is low, you can see a statement from Samsung below.
This vulnerability, as noted by the researchers, requires a very specific set of conditions for a hacker to be able to exploit a device this way. This includes the user and the hacker physically being on the same unprotected network while downloading a language update. Also, on a KNOX-protected device there are additional capabilities in place such as real-time kernel protection to prevent a malicious attack from being effective.
So the likelihood of making a successful attack, exploiting this vulnerability is low. There have been no reported customer cases of Galaxy devices being compromised through these keyboard updates.* But as the reports indicate, the risk does exist and Samsung will roll out a security policy update in the coming days.
As we mentioned earlier today, Samsung is working with Swiftkey to address the potential issue on Samsung smartphones. The company also noted that all of their flagship handsets since the Galaxy S4 come with their KNOX security platform installed and that they will start to roll out updates to fix the issues in the ‘coming days’.
You can find out more information about what Samsung is doing to fix these security issues on their smartphones over at their blog at the link below.