Samsung has begun rolling out its latest security update, and it’s crucial for those with phones using Exynos modems — like last year’s Galaxy S22 flagship — which were at high risk of major security breaches. The new update fixes these security concerns (and more) and is now rolling out to the Galaxy S23 lineup in Europe and South Korea.
In mid March, a Project Zero report from Google’s internal security research team revealed that security issues found on devices using Exynos modems could have given remote users the ability to very easily compromise a phone at the baseband level. Samsung said at that time that it released security patches for five of those vulnerabilities in March, with an update to follow in April to address the remaining issues.
According to a report published on Samsung’s website, the April 2023 security patch update contains fixes (CVEs) from Google for 55 security flaws, out of which four fixes are termed critical and 46 fixes are termed high priority. That is why it is important to install this update on your Galaxy phones as soon as it arrives, despite the Galaxy S23 series not using the Exynos modem. It also fixes the security vulnerabilities found in 3GPP implementation in the Exynos modem baseband and Exynos fastboot USB interface.
Samsung is also rolling out 15 additional fixes with the update for Galaxy smartphones and tablets. Most of these flaws were found on devices running Android 11 and above. Apart from the high-risk vulnerabilities, flaws in SemClipboard, SLocatoin, and Telephony features have also been fixed alongside taking care of loopholes found in the TIGERF trustlet, hijacking vulnerability in CertificatePolicy as well as in improper authorization of the Smart Suggestions widget. In other words, a lot of vulnerabilities have been patched.
Galaxy devices, including the S22 sold in Europe and African countries, M33, M13, M12, A71, A53, A33, A21s, A13, A12, and A04 series were at risk according to the Project Zero list — we expect them to receive this security update soon. All eyes are now on Google to roll out this crucial fix for its Pixel 6, Pixel 6a, Pixel 6 Pro, Pixel 7, and Pixel 7 Pro.
