Sometimes timing really is everything. Within just a few days, we have had confirmation of the spyware attack on Samsung phones that triggered an emergency update earlier this year, and a warning that some of those patched phones will get no more updates.
The spyware confirmation came courtesy of Palo Alto Networks Unit 42, which reported “a previously unknown Android spyware family, which we have named LANDFALL.” This attack “exploited a zero-day vulnerability in Samsung’s Android image processing library” using “malicious image files that appear to have been sent via WhatsApp.”
Unit 42 says CVE-2025-21042 “is not an isolated case but rather part of a broader pattern of similar issues found on multiple mobile platforms.” It was patched by Samsung in April, albeit “the exploit itself — and the commercial-grade spyware used with it — have not yet been publicly reported and analyzed.”
We have seen increased spyware attacks on Android in the last year, driving multiple zero-day warnings and emergency updates. Fortunately, because “the vulnerability has been patched since April 2025, there is no ongoing risk to current Samsung users.”
That assumes all Samsung phones receive security updates. They do not. There are a billion Android devices no longer receiving security updates — plenty are Samsungs. All those devices are at risk from any vulnerability exploited after their security updates end. And on this, Samsung has just confirmed bad news for millions of Galaxy users.
“November turns out to be a disappointing month for the owners of five Samsung phones,” SammyFans says, which “will no longer receive new software updates.”
Those phones are “the Galaxy S20 FE and Galaxy S20 FE 5G,” which have been “completely removed” from the list of phones eligible for updates, along with the Galaxy M22, Galaxy M52 5G and W22 5G. The new schedule of which devices are eligible for updates and on what frequency is here.
If you’re one of the millions still using one of those phones, it’s time for a rethink. There will be more LANDFALL-type attacks to come. In all seriousness, if your phone is no longer eligible for updates, you really do need to upgrade to something that is.
