Samsung’s May Security Update Goes Live With Important Fixes

Samsung has just released an update for its flagship devices—this includes two ‘critical’ security fixes, one of which is late and should be installed urgently....

5/10 update below; article originally published 5/7.

Samsung is on a roll, and its flagship Galaxy users are again being given an early look at the new Android monthly security update almost as soon as Google reveals details of the urgent fixes being released this time around.

That said, it’s not all smooth running. One critical fix that Google included in its April security release is only just being made available by Samsung now—this Qualcomm modem issue could potentially lead to a memory corruption issue during a secure comms “handshake,” and such memory vulnerabilities open doors to exploitation.

The other critical fix for May impacts the phone’s change log process, which could lead to “local escalation of privilege with no additional execution privileges needed.”

Details—as ever—remain scarce for now, but Google says the critical tag “is based on the effect that exploiting the vulnerability would possibly have on an affected device.” Such an attack in isolation would require “platform and service mitigations” to be off, but vulnerabilities can be exploited as part of a more sophisticated chain attack.

Over the coming days, Galaxy users will see the updates made available as per usual—dependent upon region and carrier. Samsung will focus on its newest, priciest devices first, and then work down the list. Owners of older, cheaper devices may already be on a quarterly schedule—or worse. You can find details here.

This security update will not generate many headlines, notwithstanding its critical fixes, given Samsung’s update cycle is currently being dominated by the Galaxy AI refresh for devices older than its S24 AI hero product.

Samsung has just confirmed that since it initially “announced in February that Galaxy AI features, initially launched on flagship S24 products, would be available on more Galaxy devices through a new One UI 6.1 update... 8.8 million users are downloading and actively using these Galaxy AI capabilities.”

Samsung is aiming for “over 100 million users to experience its Galaxy AI features across the world,” as it drives to “further the democratization of mobile AI.” But the much more interesting news is how its on-device AI offering will compare to Apple’s, which is expected to be announced shortly—perhaps as soon as this week, with the expected announcement of new AI-bearing iPads.

The coming months will see a battle between Apple’s likely device-only AI and Samsung’s “hybrid” alternative, which combines device and cloud processing. Samsung has said it wants “to raise the standards of security and privacy in this new era of data-intensive mobile experiences,” which is fine when the primary competition is Google and its largely cloud-centric model. Apple will be a different prospect, and AI privacy and security is set to become a key differentiator.

Meanwhile, Galaxy owners should ensure their device updates—automatically or manually—as soon as the release for their region and model is available. Samsung’s own fixes in the release are all moderate, except for one high severity boot loader fix, which only affects devices using MediaTek chipsets.

One security issue not seemingly addressed by this month’s update is the “Dirty Stream” vulnerability that Microsoft warned about late last week. This impacts multiple Android apps with hundreds of millions of installs, where apps receiving data from another app on a device can be tricked into executing malware. Details of the attack and the mitigations underway can be found here.

Meanwhile, the usual monthly advice applies—keep your firmware updated and beware the apps and extensions you install on your smartphone.

Update 05/09: While the excitement around Samsung’s One UI 6.1 update continues to build, with millions around the world upgrading their Galaxy devices with new AI offerings, Samsung is already working on its next big thing.

As reported by SamMobile, the Galaxy maker “is preparing for the One UI 7.0 Beta Program for its latest flagship smartphone series.”

This is being developed around Android 15, which is now in beta. “Samsung seems to have acted upon it and started beta development of Android 15-based One UI 7.0 software internally for the Galaxy S24 series... Usually, Samsung starts internal development of a major new version of One UI as soon as Google releases the first Developer Beta version of Android.”

Android 15 will bring a range of important new security updates to smartphones around the world when it releases, as the gap between Android and iPhone narrows. These include app quarantining and centralized privacy settings, but the highlight is innovative new protection against phone tracking, interception and so-called IMSI grabbing, which pulls device identifiers over the air. Such defenses have never been mainstream before—even iPhones don’t currently offer such warnings.

This new advance will be coming to Pixel, we are certain, but the question remains whether Samsung will do the same. It requires a compliant modem and for the phone’s OS and modem to work together to warn when connectivity encryption reduces or when multiple network identification requests are received.

What makes this interesting is Samsung’s approach to such advances in the past. When 2G toggles were introduced in Android to block the most basic form of tracking and interception, EFF commented that “Samsung has not taken any steps to include the 2G toggle from vanilla Android, nor has it indicated that it plans to any time soon... These failures to act suggest that Samsung considers its users’ security and privacy to be an afterthought. Those concerned with the security and privacy of their mobile devices should strongly consider using other hardware.”

And so from a security perspective, how Samsung adopts this new advance—or not—will be of particular interest. With its update in the works, we will soon know...

Update 05/10: Unsurprisingly, Samsung’s May update has just arrived first for owners of its latest flagship—the Galaxy S24 series. As ever, while the company can be applauded for early details on May’s security releases, combining its own fixes with Android’s, users still have to line up by model, region and carrier to actually receive the relevant software for their device.

Earlier this year, we saw Samsung’s initial piloting of Google’s seamless update process, which simplifies the actual update itself. But we've heard little more on that since, and in and of itself it doesn't resolve the patchwork quilt approach, which is exacerbated by the different update frequency per device, by age and price.

Samsung is clearly going head-to-head with Apple for the premium market, at least outside China, where both manufacturers are currently taking a beating from local OEMs, especially Huawei with its post-sanction resurgence.

And while the Apple/Samsung head-to-head is much more headlined by AI, with Galaxy currently streets ahead of iPhone, and iPhone anticipated to start to catch up come this fall’s iOS 18 release, the update process is also a factor—at least when it comes to security.

Notwithstanding recent DMA-inspired changes in Europe, Apple remains much more locked down than Android, and Samsung is tarred with that brush. The Korean company has pushed in multiple directions to address this, including hardware innovations and its welcome hybrid approach to AI versus the cloud-first alternative that comes naturally to Google and its Android ecosystem. But when it comes to the smooth, timely running of updates, Samsung still falls behind.

Unless and until Android in general and Samsung in particular can come closer to Apple’s one size fits all, all at once approach to OS updates, and its more recent breakout for urgent security patches following the same model, there will be an awkward gap between the two premium manufacturers.

Between them, Apple and Samsung dominate the premium handset market, and the strides both Google and Samsung are making to narrow the gap with Apple on security and privacy grounds are welcome. But this security update gap remains.

For Samsung users, especially given the increasing threat landscape, even within Google’s own Play ecosystem, that’s not good enough for $1000+ handsets.

This will be especially true in the US, where iPhone enjoys its most dominant position and where the focus of its AI releases will be greatest later this year.

Samsung is on something of a surge in the US, with Counterpoint just reporting its “market share growing to 31%, its highest Q1 share since Q1 2020,” and calling out Samsung as “A bright spot in the market... growing shipments YoY with the earlier launch of the S24 series.”

According to the research company, this “was Samsung’s best Q1 in four years as the brand grew its market share to 31%, the highest since Q1 2020. There was strong demand from older Samsung users looking to upgrade to a new device.”

As that premium $1000+ handset market consolidates between Apple and Samsung, it’s critical that the work Samsung has done over the last year to improve what was a much more woeful security update process in the past doesn't stop here, and that gap to iPhone narrows.

And so all eyes to Apple’s WWDC next month and the iOS 18 release beyond that. Thus far, Apple appears to be going its own way on its AI approach as Samsung expands its own offerings across the portfolio. But everything can quickly change.
