samsung
Time: globisoftware
On: May/12/2022
Category: Huawei iphone samsung Digital life
Tags: Do all Samsung phones come with a calculator pre-installed?
- Adrian Raya
Security researchers have discovered flaws in pre-installed apps on Samsung Galaxy smartphones, which could have allowed attackers to break into the system and access your data.
Pre-installed apps are usually one of the big hassles of buying a new mobile, and things have improved in recent years. Most manufacturers include at least one of their own applications, if not several, and also reach agreements with developers to include apps that 'may be of interest' to users even if they haven't requested them.
But what happens when some of those apps are insecure? Well, suddenly, a huge number of devices is affected. That's what security researcher Sergey Toshin, from Oversecured, has discovered: several apps and components that come by default on Galaxy phones and tablets had several vulnerabilities.
Potentially, all Samsung devices would be affected, since the problem is in the apps that are installed on all of them, and that perform system functions. This is also why vulnerabilities are so dangerous , as they allow an attacker to access data that they shouldn't be able to access.
A malicious app installed on the same device could use this access to obtain the victim's photos, videos, contacts, call logs and messages; all this, without the need to ask for permission as usual on Android, since they use the permissions that the pre-installed apps already have. Also, they could change system settings to do more damage.
For example, one of the affected apps was Secure Folder, which allows you to create a private space for data and applications; Because of this, it has a gigantic list of permissions that can be used to control the entire device. Additionally, bugs in Knox security software could be used to install malicious apps, and Samsung Dex could be used to obtain app notification data.
Total control
Samsung has confirmed the existence of these vulnerabilities , but claims that it has already fixed them, after being warned by the same researcher; the update was published in April and May of this same year.
However, Samsung has not detailed which devices were vulnerable, which have already received the update, and which are yet to be updated, if any. In theory, vulnerabilities affecting apps is better, as they can be updated more easily than installing a new version of Android, whose updates are not as common depending on the manufacturer.
comments0WhatsAppFacebookTwitterLinkedin