All about Samsung
Samsung has released an emergency security update for several Galaxy smartphone models, after discovering serious vulnerabilities that cybercriminals are already exploiting. The flaws, which involve information leakage issues, were initially identified by Google and also affect Pixel line devices.
In response to the severity of the flaws, the US government has ordered all federal employees to update their Samsung devices by August 28. Companies and agencies following government guidelines must also adopt this measure, which could affect thousands of users.
Read more:
Understanding the security flaws revealed by Samsung
Google has highlighted that two of the vulnerabilities are now listed in the catalog. Known exploited vulnerabilities (KEV) by the US Cybersecurity Agency (CISA), poses a significant risk. The flaw CVE-2024-32896, with a CVSS severity of 7.8, allows privilege escalation via user interaction, while CVE-2024-29745, with a CVSS severity of 5.5, can lead to information disclosure without requiring additional permissions.
Devices that can download the update
The update has already been released to devices covered by Samsung's Galaxy support. Starting from the S20 onwards, for example, everyone is already covered – older ones can receive the update in the next few days. It is important to note that there is no confirmation yet about the availability of the update in Brazil.
The release of this patch reinforces the importance of always keeping devices up to date, especially in the face of growing cyber threats. With pressure from the US government and growing concerns about cybersecurity, it is imperative to always be up to date to avoid potential harm.