X

Samsung's Pre-Installed Apps Are A Security Risk: Report

Privacy Cyber Security 2 AH NEW
Advertisement
Advertisement

According to a new report, Samsung’s pre-installed apps represent a security risk for users. This information comes from BleepingComputer, who got the information from Sergey Toshin, the founder of the Oversecured company.

Samsung’s pre-installed apps represent a security risk thanks to “multiple vulnerabilities”

It is said that Samsung is working on patching “multiple vulnerabilities” which are affecting its mobile smartphones. Those vulnerabilities could be used for spying on users, and / or taking over their devices, it is claimed. The discovered bugs have been reported.

Sergey Toshin managed to find a dozen vulnerabilities on Samsung smartphones. Now, three of them present a serious issue, it seems. Mr. Toshin did not disclose the details on them for that particular reason.

Advertisement

Mr. Toshin did say that the least severe of these issues could help hackers steal SMS messages, should they trick users. Two of these vulnerabilities are way more serious, though. They are “stealthier”, it is said.

Those two issues can be exploited without any action from the smartphone user, which is especially troubling. It is said that an attacker can use them to “read and / or write arbitrary files with elevated permissions.”

These issues have been reported, and Samsung is working on patches

As already mentioned, all of these vulnerabilities have been reported to Samsung, through the bounty program. Mr. Toshin is now waiting to receive the bounties for his work, it is claimed.

Advertisement

Sergey Toshin collected quite a bit of cash from Samsung up to this point. This year alone, he managed to rake in around $30,000, as he disclosed 14 issues to Samsung. Three of them are waiting to be patched, it is said. If you’d like to know more about the issues that were patched already, click here.

It is unknown when will these new, more serious problems be patched, but as already mentioned, Samsung is working on it. The company will probably come up with a patch in the near future, and release it in form of a security update.