Samsung working on a security update to patch keyboard vulnerability

Samsung has responded to the recent news about Galaxy phones being at a risk due to pre-installed keyboards. The company is developing a patch for the Swiftkey vulnerability that will be rolled out as an over the air update to Galaxy phones.

Samsung Galaxy S6 vs S6 Edge_fonearena-12

Samsung will be using its Knox security suite to deliver the patch. The company’s built-in keyboard uses the SwiftKey software development kit for prediction and language packs and they are said to be prone to hacks. This vulnerability was discovered by Ryan Welton from mobile security specialists NowSecure.

Samsung takes emerging security threats very seriously. We are aware of the recent issue reported by several media outlets and are committed to providing the latest in mobile security. Samsung Knox has the capability to update the security policy of the phones, over-the-air, to invalidate any potential vulnerabilities caused by this issue. The security policy updates will begin rolling out in a few days. In addition to the security policy update, we are also working with SwiftKey to address potential risks going forward.”

said a Samsung spokesperson in a statement.

NowSecure found the vulnerability to be present in devices such as the Galaxy Note 4, Note 3, Galaxy S3, S4, S5 as well as the Galaxy S6 and S6 edge. Swiftkey also responded that thi vulnerability is unrelated to and does not affect our SwiftKey consumer apps on Google Play and the Apple App Store.

[UPDATE]– All flagship models since Galaxy S4 have the KNOX security platform installed along with the Security Enhancements (SE) for Android which enforces a number of mandatory security settings on the device. The security policy update will be pushed to the user. The user must agree to receive the security policy update. To ensure your device receives the latest security updates, go to Settings > Lock Screen and Security > Other Security Settings > Security policy updates, and make sure the Automatic Updates option is activated. At the same screen, the user may also click Check for updates to manually retrieve any new security policy updates.

Author: Sneha Bokil

Sneha Bokil is a tech enthusiast and is currently using OnePlus 3T but she still treasures her Nokia N70 (M). You can follow her on Twitter @snehabokil and on Google+