If you have been using Samsung Galaxy phones or are a Samsung fan like me, then this news is probably not a good one for you. Security researchers have announced that Samsung Galaxy phones including the latest one S6 is vulnerable to attacks. Well, there is a chance, that yours is vulnerable too out of all the 600 million impacted phones worldwide.
As per the statement, what is making the phones unsecure is the keyboard app called as SwiftKey that comes pre-loaded in the phones. If this vulnerability can be successfully exploited, it can lead to attackers remotely accessing your device to spy through its camera or microphone, track your physical location via GPS, install malicious apps without you knowing, steal information and even eavesdrop on your messages and voice calls.
Moreover, you can’t uninstall the keyboard but even if you decide to mark this app as not default, it can still be exploited. The issue that is causing this security flaw is that this app updates itself by downloading a ZIP archive through an unencrypted and unsecured HTTP connection thereby giving attackers a chance to intrude and infect the package.
This is not new and was actually informed to Samsung in late 2014 and although Samsung has started releasing the security patches via carrier, the problem is to find out who all users are still vulnerable to this flaw.