Samsung is now rolling out an update to patch a bug which allows for the recently reported BlueBorne exploit to take hold. For those who aren’t yet aware, BlueBorne is a Bluetooth exploit affecting the vast majority of Android devices. What makes the exploit so potentially harmful is that a device does not need to be paired with another device or even set to discoverable in order to be attacked. That means any malicious activity could be conducted through a device’s Bluetooth radio, as long as the radio is turned on, without any further action from the owner. Malware, viruses, and more could feasibly self-replicate and spread with relative ease through the technology of an affected device, and through interconnected Bluetooth-enabled hardware such as speakers and laptops. Although the September 2017 Android security patch is said to fix the vulnerability, Samsung has apparently chosen not to update many devices to the latest security patch and instead opted to distribute the BlueBorne patch on its own.
The update should bring more security on that front to the Samsung Galaxy Note 8, Galaxy S7, Galaxy S6, Galaxy S5, and the Galaxy A5 (2016). Specifically, the software appears to only apply to devices running a firmware version which contains the letter “I” in the second-to-last position of the version number itself. Users who want to check their version numbers should navigate to the Settings menu and look for the “About device” section. The updates only began rolling out this month, so it could take some time for them to hit every eligible model, especially with more than one device set to receive the update. With that under consideration, the news that an update is on the way should help alleviate concerns some Samsung users have expressed about the lack of an update to the latest September 2017 Android security patch.
There is one glaring omission from the aforementioned list of smartphones Samsung is updating as part of the latest rollout, as there has seemingly been no BlueBorne exploit fix for the Samsung Galaxy S8 or Galaxy S8 Plus yet. However, given the popularity of Samsung’s flagship duo, it’s also hard to imagine an update for those handsets would be too far behind. With that said, users whose devices are set to be updated will probably want to keep an eye out for the patch so they can secure said devices as quickly as possible. Concerned Galaxy owners can also download a tool to check for the vulnerability by following the Google Play Store button below.