If you have a Samsung Galaxy device, you need to check your smartphone for the availability of a new security update and install it as soon as available…
Samsungâs latest security update for its Galaxy devices is critically importantâit includes fixes for Android security vulnerabilities that include one potential remote code execution and another escalation of privilege. Simply put, these are vulnerabilities enabling malware to control all or part of your device.
A couple of weeks ago the update became available for the new S24 flagship in the US, then later the S23 joined the clubâalbeit the usual patchwork quilt approach applied. Regions and networks and models created a complex update schedule.
Although âusers can rest assured OS upgrades will include up-to-date security patches when delivered,â Samsung continues to warn that âwhile we are doing our best to deliver the security patches as soon as possible to all applicable models, delivery time of security patches may vary depending on the regions and models.â
You can confirm whether your device will receive the monthly update here.
We have now seen the March security fixes for the S22, S21 and some newer but non-premium Galaxy models; you should check whether the update has been applied to your device and that it is set up to install automatically as soon as available.
Thereâs little to choose between the latest Samsung Galaxy and Apple iPhone modelsâbut this is one of those areas. The two companies dominate the global premium handset market between them, but while Apple controls its ecosystem end-to-end, Samsung relies on its Android foundations which impacts security updates for millions of users. And that issue hits those users in two key ways.
First, the complex update schedule that combines Samsung and Android updates and which varies by model, region, and network. The simple fact is that users canât see that critical updates have been fixed and immediately install an update.
Contrast that with the everyone, everywhere approach Apple takes. This is further exacerbated with delays to updates as we have seen in recent months, causing users more concern as they play a wait and see game within their phoneâs security.
The second issue makes all this worseâand thatâs the higher risk nature of Android versus iPhone. Here, Google is continually narrowing the gapâbut that gap is still too wide and too easily exploited. This year alone we have seen multiple security warnings as malware is discovered in the wild attacking devices.
And while Google assures that âAndroid users are automatically protected against known versions of this malware by Google Play Protect, which is on by default on Android devices with Google Play Services. Google Play Protect can warn users or block apps known to exhibit malicious behavior, even when those apps come from sources outside of Play,â such malware often finds its way onto the Play Store.
The latest Android warning came out just days go, with IBM discovering a malicious malware-laced app âmaking itself invisible so the victims canât detect it, [with] a new technique to hide its icon that we have never seen financial malware use before.â
And so, in addition to installing the March update as soon as it hits their device model/region/network, Samsung users need to abide by the five golden rules when it comes to the software they load onto their devices between those updates:
- Stick to official app storesâdonât use third-party stores and never change your deviceâs security settings to enable an app to load.
- Check the developer in the appâs descriptionâis it someone youâd like inside your life? And check the reviews, do they look legitimate or farmed?
- Do not grant permissions to an app that it should not need: torches and star-gazing apps donât need access to your contacts and phone. And never grant accessibility permissions that facilitate device control unless you have a need.
- Never ever click links in emails or messages that directly download apps or updatesâalways use app stores for installs and updates.
- Do not install apps that link to established apps like WhatsApp unless you know for a fact theyâre legitimateâcheck reviews and online write-ups.