It’s been revealed by Google that the Samsung Galaxy S6 Edge has security flaws
11 security flaws were highlighted, one of which includes a loophole that could have been used by hackers to gain control of a victim’s mobile phone.
A large majority of the issues were resolved after Google had notified Samsung, though some of which are yet to be addressed.
One expert explained that the bugs “significantly weakened the security of Google’s operating system.”
“There is definitely a tension between Google and the handset manufacturers because Google wants to protect its Android brand and when it comes to security, Android has been quite tarnished.” added Dr Steven Murdoch, a security researcher at the University College London.
Samsung said the three remaining bugs would be fixed via a security update later this month; “Maintaining the trust of our customers is a top priority”.
Details of the bugs were found by Google’s Project Zero Team. Their job is to hunt down the previously unknown computer security flaws. It is said that several of those flaws would have been “trivial to exploit”.
The team blogged “It is promising that the highest severity issues were fixed and updated on-device in a reasonable timeframe".
One of the big vulnerabilities was a weakness found in the Samsung email software, which could have given hackers the chance to forward all of the victim’s messages to their own account.
Another weakness allowed hackers to change settings of Samsung’s photo-viewing application by sending the handset a specially encoded image.
Google said the most interesting flaw was the “directory traversal bug” found in a wi-fi utility built in to the phone.
“If someone provided malicious data to the software, they could then change other files on the system and interfere with other functions, in particular security functions” said Dr Murdoch. To do this, he said, a hacker would also need to convince their target to install a malicious app, which might appear to have very limited access to the phone’s other functions. However, by exploiting the flaw, the malware could then escalate its privileges.
“This would only happen as part of a chain of events, but eventually it could allow someone to take over the entire phone” Dr Murdoch added. “Android tried to have layers of protection, so even if you break past one level of protection there’s another one…this removed some quite important layers of that protection.”
Samsung confirmed they had addressed this particular issue in a security update released last month, and they are encouraging users to keep their software and apps up to date at all times.
Having insurance for your Samsung Galaxy is very important and beneficial. If you haven’t yet looked into getting cover, it’s never too late! Row.co.uk offers fantastic insurance for the Samsung Galaxy S6 Edge, at a great price.
You can get covered for:
- Accidental Damage & Breakdown
- Screen & Liquid Damage
- Theft, Loss & Unauthorised Calls
- Cracked Screens