Samsung Galaxy devices vulnerable to the keyboard exploit issue can now fix the problem through activating a security feature in the handset's settings. By enabling the Automatic Updates option under Security Policy Updates, device users can make sure that they receive the firmware update once Samsung releases it.
The firmware update that Samsung is working on for immediate release is particularly intended for Galaxy devices that don't have Knox security software. Knox is Samsung's security software, and can prevent malicious code from running.
According to Samsung, which is reported on Engadget, "most of its users have Knox enabled by default and will get a prompt to apply a new security policy automatically." Devices users that don't have Knox can activate Automatic Update by going to Settings > Lock Screen and Security > Other Security Settings > Security policy updates, and make sure the Automatic Updates option is enabled. For manual checking of security updates, device users can click this option: Check for updates to manually retrieve any new security policy updates.
Potential malware can access the device as its stock keyboard, the SwiftKey's predictive keyboard, updates itself. Malware can sneak in while they're updating and start the attack in the device's language packages.
How serious the threat is?
For the security firm NowSecure, this keyboard exploit issue is a serious threat as its stock keyboard leaves an open door that hackers can use to launch malicious codes. In fact, Engadget reported that NowSecure had warned Samsung months ago, and called it attention for action again during a hacker conference, upon discovering that Galaxy S6 phones from Sprint and Verizon were still vulnerable.
On Samsung's end, there have been no recorded keyboard exploit cases. The Korean tech maker assured Galaxy device owners that it is unlikely because hackers have to be on an unsecure network and must have the physical phone to be able to execute the keyboard exploit.
Samsung, however, was smart enough to acknowledge that the Galaxy keyboard exploit is possible. It is even smarter for expediting the firmware update that will fix the problem for vulnerable devices. These include the Galaxy S4 and GS4 Mini, Galaxy S5, and Galaxy S6 on T-Mobile, Sprint, AT&T, and Verizon.
Join the Conversation