All Samsung Galaxy owners are issued with an update now alert.
Samsung’s security updates have an unusual twist this month, with the October release highlighting five important things that owners of Samsung Galaxy phones running Android 12, 13, or 14 should update as soon as possible. The reason is shown.
Over the past few months, we’ve become accustomed to significant updates coming through a wide range of Android vulnerability and hardware component patches. And while there are two such updates from Qualcomm this month, they are part of Android’s September release and have only been delayed to make their way to Samsung.
But this time, an important new update uses a unique UI to address Samsung’s internal vulnerabilities. All five CVEs are related to librtppayload, a system component specific to Samsung mobile phones. All of these vulnerabilities allow “a remote attacker to execute arbitrary code with system privileges” even though user interaction is required. But that just means tricking the user into interacting with the on-screen exploit.
There’s no suggestion that such an exploit hasn’t been seen yet, but Galaxy users are being urged to update the October release as soon as it hits their devices. As before, releases are scheduled by model, region, and carrier, with lower-end devices waiting until later in the month.
The October security release includes five important updates.
Of course, all of this assumes your device is still eligible for security updates. Across the Android ecosystem, there are between 500 million and 750 million ineligible phones. Samsung phones that are still supported can receive such updates monthly, quarterly, or semi-annually, but if you have to wait for a release, your phone may be at risk until the release arrives. It is clear that
All five critical risks are related to vulnerabilities in the processing of compressed video on the device, allowing access to parts of the device’s memory that are “outside” of the parameters set for the feature itself. It will be. This poses a risk of device instability or remote code execution as per Samsung’s warnings.
The good news is that these issues have been fixed, so owners of flagship devices should get the update soon. But it’s also bad news for millions of owners of flagship models. The Galaxy Z Fold 6 and Galaxy Z Flip 6 phones will receive this release, but they won’t receive Google’s system update, and haven’t since April. And every flagship owner knows that One UI 7 and Android 15 will wait until 2025.
The October release may also include other, perhaps even more important, updates. Samsung warns that “Some SVE (Samsung Vulnerabilities and Exposures) items included in the Samsung Android Security Update cannot be made public at this time.”
