Samsung readies fix for a security flaw that may have compromised as many as 600 million phones, including the Galaxy. As many 600 million Samsung phones may have a security flaw that could allow hackers to monitor the camera and microphone, read incoming and outgoing text messages, and install malicious apps. Fortunately, Samsung says it will release a fix in a few days. Until then, if you are using a Samsung Galaxy S6, S5 or S4 and probably other Android phones made by the same company, avoid using unsecured Wi-Fi networks, such as the kind you’ll find at a Starbucks or other retail location, until you’ve updated your phone. The fix will be automatically downloaded to your phone if you’ve enabled auto downloading. To ensure your device receives the latest security updates, Samsung says go to Settings > Lock Screen and Security > Other Security Settings > Security policy updates, and make sure the Automatic Updates option is activated. At the same screen, click on “Check for updates” to manually retrieve any new security policy updates. Seen first at Black Hat The exploit was demonstrated Tuesday at the Blackhat security conference in London by Ryan Welton, a researcher with security firm NowSecure. (Ars Technica was the first to report this.) Samsung says there haven’t been any reports thus far of Galaxy devices being compromised and the hack could only occur under a fairly narrow set of conditions. But the potential for a hack is real, the company says. The hole is related to the SwiftKey keyboard, which is installed on millions of Samsung phones, and is a potential threat even if the user has not activated that keyboard. The malicious code checks for new language packs over an unencrypted, plain text connection. Welton says he can spoof a proxy server for the keyboard that allows access to many functions on the smartphone. The security researcher says he has confirmed that the vulnerability is active on the Samsung Galaxy S6 on Verizon and Sprint networks, the Galaxy S5 on T-Mobile, and the Galaxy S4 Mini on AT&T. Whether your Samsung phone is active on one of those networks or not, you should take the steps I’ve mentioned to be sure you’re your device secure. Related content BrandPost Are tech layoffs inevitable, or can your company avoid them? Despite tech industry layoffs, one ITSM company remains committed to growth and expansion of internal teams. The company’s successful endeavor is largely credited to one difference between TOPdesk and other tech organizations. By TOPdesk Mar 30, 2023 6 mins IT Leadership Analysis CIOs must evolve to stave off existential threat to their role With LOB leaders learning tech faster than CIOs gain business-savvy, IT leaders must strengthen advisory skills, build relationships, and embrace strategic transformation before losing out to business counterparts. By Yashvendra Singh Mar 30, 2023 10 mins Roles Opinion 5 ways AI will transform CRM Recent announcements by Microsoft and Salesforce on how they’re ramping up integration of AI tools into their software offerings mark the start of a revolution in the CRM marketplace. By Martin De Saulles Mar 30, 2023 4 mins Channel Sales CRM Systems Artificial Intelligence Interview From CIO to CX SVP, Cisco’s Jacqueline Guichelaar takes a road less travelled By David Binning Mar 29, 2023 7 mins Careers IT Leadership Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe