This is why Galaxy phone owners need to install the August security update as soon as it arrives

11comments
We may earn a commission if you make a purchase from the links on this page.
This is why Galaxy phone owners need to install the August security update as soon as it arrives
Back in June, the U.S. government ordered  Pixel owners working for the federal government to update their phones by July 4th or stop using them. An advisory from the Known Exploited Vulnerabilities (KEV) listings that are managed by CISA (Cybersecurity and Infrastructure Security Agency) said "Android Pixel contains an unspecified vulnerability in the firmware that allows for privilege escalation." Privilege escalation would allow an attacker to use an app to capture information that normally would not be available to the bad actor.

There is still time to pre-order the Samsung Galaxy Z Fold 6 and Galaxy Z Flip 6

(512GB) Z Fold 6: up to $1,200 off; Z Flip 6: up to $650 off

The Galaxy Z Fold 6 and Z Flip 6 are available at Samsung.com. Right now, you can get the 51GB Galaxy Z Fold 6 for up to $1,200 off with a trade-in. The Z Flip 6 comes at up to $650 off, provided you spare an eligible device in good condition.
$1389 98
$3239 98
Buy at Samsung

Galaxy Z Fold 6 (512GB): Save $472 at Amazon

The Samsung Galaxy Z Fold 6 with 512GB of storage in Silver is now $472 cheaper than usual. The deal is live on Amazon! Don't miss out.

To explain this another way, the aforementioned Known Exploited Vulnerabilities listings determined that CVE-2024-32896 "may be under limited, targeted exploitation." Each CVE is a specific vulnerability or flaw that affects mobile devices when exploited by bad actors. They are assigned CVE (Common Vulnerabilities and Exposures) numbers to help catalog them for software engineers who develop patches that fix the vulnerabilities.

One day before the government's July 4th deadline we told you that Google had managed to patch the flaw on all Pixel models (with the June security update) but at that time we learned that CVE-2024-32896 was also a threat on all other Android phones including Samsung's Galaxy handsets. Samsung has yet to patch its phones meaning that the flaw can still be exploited on Galaxy handsets. This is why Samsung says that it is important that users of its phones install the August security update when it comes out early next month.

The actual release date of the August security update depends on the device, country, and network provider for each individual Samsung handset although it would appear that the release for Samsung is imminent.


Recommended Stories
Another troubling vulnerability that remains unpatched for all Android phones outside of Pixel models is CVE-2024-29745 which is said to be even more of a threat than CVE-2024-32896. Google told Forbes that this flaw was patched for Pixel devices in April. This CVE impacts firmware released by individual manufacturers and will need to be fixed by each one. Hopefully, Samsung includes patches for both vulnerabilities with the August security update. CVE-2024-29745 reportedly needs to work in concert with another vulnerability to wreak havoc on unpatched Android phones.

Other Android handsets might get the patches for both vulnerabilities when the stable version of Android 15 is released for each phone. Samsung wanted to have their phones patched before the Android 15 release and now it appears that this will occur. Galaxy device owners, as soon as the August security update is available for your Samsung phone, install it immediately.

Recommended Stories

Loading Comments...
FCC OKs Cingular\'s purchase of AT&T Wireless