Samsung to plug security hole on Galaxy smartphones

18.06.2015
Samsung will update the security software on its Galaxy smartphones to address a flaw that researchers warned could let attackers access people's devices.

Earlier in the week, researchers at NowSecure, a mobile security company, identified the flaw in SwiftKey, a keyboard application that comes preloaded on Galaxy smartphones. The flaw could be exploited even when SwiftKey was not used as the default keyboard, NowSecure said.

On Thursday, Samsung said it would issue a fix that would roll out over the coming days to owners of the Galaxy S4, released in 2013, and later models. Those devices have Samsung's Knox security platform installed by default and can receive over-the-air security policy updates. Users must have automatic updates activated in their phone's settings, Samsung said on its website.

For earlier Galaxy phones that don't come with Knox, Samsung said it was working on an expedited firmware update. Availability will vary depending on the model, region and service carrier.

SwiftKey's app, which predicts words as users type, is also available from the Google Play and Apple App stores. But those versions of the app were not affected by the vulnerability, a SwiftKey spokeswoman said on Thursday.

Zach Miners covers social networking, search and general technology news for IDG News Service. Follow Zach on Twitter at @zachminers. Zach's e-mail address is zach_miners@idg.com

Zach Miners