Patch Out for 600M Exposed Samsung Devices

Thursday, June 18, 2015 @ 02:06 PM gHale

Samsung released a patch to mitigate a remote code execution vulnerability in the Samsung Keyboard, one of the preinstalled Android apps that come with most of Samsung’s devices. Over 600 million devices may suffer from the issue, researchers said.

The question is how many users have patched their devices.

Samsung Keyboard is the on-screen keyboard everyone uses to write any type of text on Samsung’s Android devices, according to researchers at NowSecure.

The problem in the Samsung stock keyboard, which is built on the SwiftKey SDK, allows attackers to access sensors on the device, its camera, GPS, microphone, pictures, and even the text messages library, according to the NowSecure report.

The vulnerability could also allow bad guys to install malicious apps without requiring the user’s permission, alter existing apps, and even listen for incoming or outgoing messages and voice calls in real time.

In a statement, the SwiftKey team said: “We’ve seen reports of a security issue related to the Samsung stock keyboard that uses the SwiftKey SDK. We can confirm that the SwiftKey Keyboard apps available via Google Play or the Apple App Store are not affected by this vulnerability. We take reports of this manner very seriously and are currently investigating further.”

CVE-2015-2865 is the case number for the vulnerability, which was discovered last year, when Samsung and the Android Security teams received notification.

Samsung released patches addressing this issue to mobile operators early this year, but it remains unknown how many users have upgraded their vulnerable devices.

Since the Samsung stock keyboard comes installed by default on all Samsung devices and users cannot uninstall it, security experts suggest anyone using a Samsung device should contact their carrier and ask whether they need a patch.