Home
Mobiles
Mobiles News
Samsung Says SwiftKey Keyboard Security Flaw Patch Coming in a Few Days

Samsung Says SwiftKey Keyboard Security Flaw Patch Coming in a Few Days

By Ketan Pratap | Updated: 19 June 2015 15:18 IST

Soon after a report claiming that several Galaxy models were plagued with a keyboard security flaw, Samsung has revealed that it is working on a patch for its devices which will start rolling out in a few days. Notably, Samsung has confirmed that it will make use of its Samsung Knox security suite to fix the keyboard security flaw that was alleged to allow an attacker to remotely execute code as a system user on Galaxy devices.

In a blog post, Samsung said, "Samsung takes all security threats very seriously. There have been reports that there is vulnerability when keyboard updates are carried out on Galaxy devices. We are aware of this issue and are committed to providing the latest in security on all of our devices."

"Samsung Knox has the capability to update the security policies of our devices, over-the-air, to invalidate potential vulnerabilities caused by this issue. The security policy updates will begin rolling out in a few days," the firm added.

Samsung explains that all flagship models since Galaxy S4 have the Knox security platform installed, but added that it is working on an expedited firmware update for devices that don't come with Knox by default. It will be made available upon "completion of all testing and approvals."

For users with devices featuring Knox, Samsung recommends making sure their devices are ready to receive the security policy update. "To ensure your device receives the latest security updates, go to Settings > Lock Screen and Security > Other Security Settings > Security policy updates, and make sure the Automatic Updates option is activated. At the same screen, the user may also click Check for updates to manually retrieve any new security policy updates."

According to a report by mobile security company NowSecure, the SwiftKey keyboard flaw could allow an attacker to remotely access sensors (including features such as GPS, camera, and microphone); secretly install malicious app without the user knowing and fiddle with how other apps function, or how the smartphone works. The security flaw could also allow an attacker to eavesdrop on incoming/ outgoing messages or voice calls while could allow access to personal data such as images and text messages.

SwiftKey in an emailed statement to NDTV Gadgets defended itself, saying the SwiftKey app available on Google Play and App Store had no such security flaw. The company added that while SwiftKey supplied Samsung with the 'core technology' to power word predictions on its keyboards, it "appears the way this technology was integrated on Samsung devices introduced the security vulnerability." SwiftKey said it is working with "long-time partner" Samsung to resolve the issue.

The statement added that the vulnerability was difficult to exploit, and only possible if the Samsung device user is connected to a compromised network (such as a spoofed public Wi-Fi network) and the device was undergoing a language update at the same time.

Comments

For the latest tech news and reviews, follow Gadgets 360 on X, Facebook, WhatsApp, Threads and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel. If you want to know everything about top influencers, follow our in-house Who'sThat360 on Instagram and YouTube.

Further reading: Android, Mobiles, Samsung, Samsung Mobiles, SwiftKey, SwiftKey App

Ketan Pratap

Email Ketan

Ketan Pratap is the editor at Gadgets 360 - with over 12 years of experience covering the technology domain. With a breadth and depth of knowledge in the field, he's done extensive work across news, features, reviews, and opinion pieces. But what's truly inspiring about Ketan is how he spends his free time. He's often found gazing at snow-capped mountains from over 20,000 feet while sitting on the hood of his car, taking in the breathtaking beauty of nature. His passion for the great ...More