The Samsung Keyboard Bug Scare

Reports of the keyboard bug that leaves your Samsung device vulnerable to attacks are currently spreading around. The vulnerability lies within the built-in SwiftKey keyboards on Samsung that allows a malicious attack to take full control of your mobile phone. It has been established that other devices that run the same program are unaffected. The problem remains isolated to Samsung because their version of the program has special permissions that allow it to make major changes. NowSecure, the security company who discovered the problem, has already informed Samsung last December. Samsung has instructed them to keep the issue under wraps until it can come up with a solution.

Samsung has already put out a patch to combat this issue, but it is unclear whether the mobile networks have pushed the update yet. Unfortunately, the problem cannot be solved by installing or using another program for your keyboard as the default program would still be running in the background. There have been no reports about any attacks that abuse this particular vulnerability and the makers of SwiftKey claims that it’s not easy to exploit. The vulnerable user must be connected to a compromised Wi-Fi network and the attacker can only gain access if the user’s keyboard is conducting a language update. The specific circumstances that have to be present and the small window as timeframe make it very difficult for any attacker to actually pull it off. The security issue is very serious and it does pose a threat, but the probability that you might actually be subject to an attack is quite low.

If you’re still worried about the bug and would like to take precautions, NowSecure suggests that users stay away from unsecured Wi-Fi networks, check with your carrier regarding the security update or use a different phone in the meantime.