close
close

Samsung to Deliver Critical Security Patch to Millions of Galaxy Devices

Posted on by darion

Close-up of Samsung Galaxy S24 held in hand.
A serious security flaw once thought to affect Google’s Pixel devices is actually casting a wider net across the Android ecosystem. In response, Samsung is speeding up the update for millions of Galaxy devices, according to information the world’s largest smartphone maker (by market share) shared with Zac Doffman on Forbes.

The vulnerability in question is tracked as CVE-2024-32896 and is described as an elevation of privilege (EoP) vulnerability. Last month, Google issued a Pixel security bulletin stating that the exploit “may be limited and targeted,” which in other words means that hackers are actively targeting affected devices. At the time, only Pixel devices were thought to have the flaw, but Google later clarified that all Android devices were at risk.

This affects Galaxy phones, and it was initially reported that a fix could take several months to arrive. However, Samsung apparently told Doffman that “the goal for this fix is ​​August,” with the caveat that the actual rollout “may vary by network provider and device.”

Close-up of the Samsung Galaxy Z Fold5.
One reason this is notable is that Samsung is at the top of the smartphone food chain. Recently updated audits from multiple market research firms show that Samsung is now ahead of Apple for the largest share of the global smartphone market. According to IDC, Samsung shipped 53.9 million smartphones in the second quarter of 2024, capturing 18.9% of the market. Canalys shared similar statistics last week, pegging Samsung’s share at 18%.

As for the vulnerability being fast-tracked, there are still no details. That’s not unusual, as vendors like Google typically wait until most affected users have access to a fix before revealing details, in order to keep hackers in the dark for as long as possible.

Incidentally, there was a second and potentially more serious security flaw, designated CVE-2024-29745, that Google has patched for its Pixel devices. Similarly, it also affects the Android platform as a whole. Samsung has not said whether its upcoming patch for Galaxy phones will also address it.