Samsung continue to ignore a major security flaw in Galaxy phones

A major security flaw exists on Galaxy phones. Samsung has not deployed the appropriate patch. Google revealed the flaw in November 2022. It affected millions of Android phones. The flaw exists in “Mali” GPUs. These GPUs are in use in Samsung devices. The problem is not completely solved.

Samsung neglects a significant security flaw in Galaxy smartphones, despite ongoing concerns

Gizchina News of the week

Join GizChina on Telegram

The security flaw affects Android mobiles with “Mali” graphics chips. Hackers exploited this flaw and another in the Samsung web browser. They redirected users to malicious websites.

Google’s threat analysis group revealed this chain of exploitation. It affects Chrome and Samsung Internet browsers. Two flaws concern Chrome. Samsung’s web browser uses Chromium. It was used with the Mali GPU flaw.

Hackers accessed the system. They sent unique links via SMS to Samsung Galaxy devices in the United Arab Emirates. Victims clicked on these links and unknowingly downloaded spyware.

Google fixed all flaws for Chrome and Pixel phones in 2023. Samsung released a security patch for its web browser in December 2022. It closed two flaws linked to Chromium.

Samsung corrected one link in this chain of exploitation. However, several months after the discovery, Samsung has not deployed an appropriate patch for all affected devices.

So, Samsung was able to stop hackers from exploiting one of the links in a chain of flaws by releasing a security patch. However, Google has pointed out that Samsung has not yet deployed the security patch for the Mali GPU flaw (CVE-2022-22706). Which was available by ARM in January 2022. This flaw grants attackers access to the system. While waiting for Samsung to deploy the patch, we recommend regularly checking for Android updates on your device. Especially if it has an Exynos chip with a Mali GPU. European Galaxy S22 devices with Exynos chips are not affected as they have an Xclipse 920 GPU.