Tag Archive for: Galaxy

Samsung Galaxy A23 4G and Galaxy Tab S6 Lite (2022) get Android 14-based One UI 6 update

/in


Samsung recently released the Android 14-based One UI 6 stable update for the Galaxy A23 5G, and now the Galaxy A23 4G is getting a taste of Samsung’s latest custom Android skin.

The update is rolling out for the Galaxy A23 4G with model code SM-A235F in Russia and SM-A235M in Panama with firmware versions A235FXXU4DWL1 and A235MUBU4DWL1, respectively. It comes with the One UI 6 features and the dated November 2023 Android security patch instead of the latest January 2024.

The One UI 6 update for the Samsung Galaxy Tab S6 Lite (2022) is rolling out in some European countries, including France. It has firmware version P613XXU4CWL1 and comes with the November 2023 Android security patch.

If you haven’t received the Android 14 update on your device yet, you can check for it manually by heading to its Settings > Software update menu.

Via 1, 2, 3

Source…

Second Android 14-based Galaxy A52s update brings December security patch

/in


It was merely two weeks back that the Galaxy A52s started receiving the Android 14/One UI 6 update, but Samsung is already releasing a follow-up update to the mid-range phone in some markets.

This is the second Android 14-based firmware for the Galaxy A52s and it is rolling out in India and a couple of other countries in the Indian subcontinent. The update sports firmware version A528BXXS5FWL4, and it comes bundled with the December 2023 security patch.

Security enhancements are all that this update brings to the Galaxy A52s. The December patch fixes a total of 75 security vulnerabilities, 54 of which affect all Android devices while the rest were found only in Samsung’s software. The patch also includes fixes for four vulnerabilities discovered in some Exynos chips, which aren’t applicable here thanks to the A52s being powered by a Snapdragon chip worldwide.

If you own a Galaxy A52s, you can check if the latest update is available by tapping the Download and install option in the phone’s Settings » Software update menu (it may take a few tries for the updates to start downloading). Full-sized firmware available in our archives can also be used to upgrade the phone, but this procedure requires a Windows PC and a USB cable.

Galaxy A52s next and final feature update will be One UI 6.1

The Galaxy A52s, like the Galaxy A52 and Galaxy A52 5G, is eligible for three generations of Android OS upgrades, so it will not be receiving future versions of Android. As for One UI updates, the Galaxy A52s is likely to get One UI 6.1 sometime next year. After it has been updated to One UI 6.1, the A52s will only remain eligible for security updates.

Source…

Centre issues high-risk warning for Samsung Galaxy phone users, here’s why

/in


The Union government has issued a new advisory for all the Samsung Galaxy mobile phone users, asking them to immediately update their security systems and operating system (OS) to protect themselves from cyber attacks and hacking.

CERT has issued a high risk warning for Samsung users (Shutterstock)

The Indian Computer Emergency Response Team (CERT-In) has issued the high-risk security advisory on December 13, highlighting several security impacts on millions of Samsung Galaxy phones, with both newer and older models.

Stay tuned with breaking news on HT Channel on Facebook. Join Now

The category of concern for Samsung phones is “high-risk”, according to the advisory, and owners of these phones need to update their firmware of OS at the earliest.

CERT said in its notification, “Multiple vulnerabilities have been reported in Samsung products that could allow an attacker to bypass implemented security restrictions, access sensitive information, and execute arbitrary code on the targeted system.”

The agency said that the risk in these phones is due to the improper access control flaw in the SmartManagerCN component of the OS. The solution to this is to apply appropriate security updates in your Samsung Galaxy phones, as mentioned by the company.

What could happen if you don’t follow CERT advisory?

Samsung Galaxy phone owners could be subjected to several risks if they don’t update their security and OS, as directed by CERT-In. Here are some vulnerabilities highlighted in the advisory by the government.

  • Steal phone’s secret code (SIM PIN)
  • Shout loud commands to phone (broadcast with elevated privilege)
  • Peek into private AR Emoji files
  • Change the clock on the castle gate (Knox Guard lock)
  • Snoop around phone’s files (access arbitrary files)
  • Steal important information (sensitive information)
  • Control the phone like a puppet (execute arbitrary code)

– Take over the whole phone (compromise the targeted system)

Further, Samsung has issued instructions for all the users to make sure that they remain safe from these…

Source…

Samsung Galaxy S23 Hacked By Million Dollar Zero-Day Attackers

/in


It was the best of times; it was the worst of times for Samsung. Across four days ending October 27, the Samsung Galaxy S23 was successfully hacked by elite security researchers using zero-day exploits. Four times. The iPhone 14 and Pixel 7 were left unscathed. However, it’s not all bad news, as the zero-day exploits have been handed over to Samsung to fix. Samsung now has 120 days to do so before the exploit methodologies are disclosed publicly.

Who Just Hacked The Samsung Galaxy S23?

The takedown of the Samsung S23 smartphone happened during the annual Pwn2Own hacking event organized by Trend Micro’s Zero Day Initiative. This consumer-oriented event, held in Toronto, Canada, took place between October 24 and 27. Although four smartphones were in scope for the hackers taking part, only the Samsung Galaxy S23 and Xiaomi 13 Pro were successfully exploited. The Apple iPhone 14 and Google Pixel 7 remained undefeated.

MORE FROM FORBESiLeakage Hackers Can Read Gmail On All 2020 Or Later iPhones And MacsBy Davey Winder

With regard to the Samsung Galaxy S23, hackers from Pentest Limited, STAR Labs SG, Interrupt Labs, and ToChim were all able to execute successful zero-day exploits against the device across the four days of competition.

There was, in fact, a fifth successful hack against the Samsung Galaxy S23 by Team Orca from Sea Security, but it used a previously known exploit.

Meanwhile, researchers from NCC Group and Team Viettel were also able to execute successful zero-day exploits against the Xiaomi 13 Pro smartphone.

What Zero-Day Exploits Were Used To Hack The Samsung Galaxy S23?

As already mentioned, the full technical details of the successful zero-day exploits will not be made public until such a time that Samsung has had an opportunity to distribute a patch to fix the vulnerabilities. ZDI gives vendors a 120-day window within which to produce and distribute such a patch. In the meantime, ZDI has released a very brief outline of the exploit types on X, formerly known as Twitter.

Pentest Limited executed an Improper Input…

Source…