Samsung’s Latest Galaxy Store Update Fixes Vulnerability That Let Hackers Install Apps Without Informing Users

Samsung has released a Galaxy Store app update to fix vulnerabilities that could potentially allow malicious sources to install apps without a user’s permission. Two vulnerabilities were reportedly detected on the Galaxy Store by a research team. These vulnerabilities have only been affecting handsets running Android 12 or lower. Android 13 users are not affected by this. Users can open the Galaxy Store on their phones, and download and install the latest Galaxy Store app version 4.5.49.8.

According to a report by NCC research team, the Galaxy Store app, which comes pre-installed on Galaxy smartphones, has been detected with two security vulnerabilities CVE-2023-21433 and CVE-2023-21434. The vulnerabilities allow hackers to install malicious apps on vulnerable Samsung handsets without the owner’s permission as well as execute JavaScript by launching a Web page.

The report shares that a pre-installed rouge application or malicious hyperlink in Google Chrome on Galaxy phones running Android 12 bypass Samsung’s URL filter and install any application available on the Galaxy Store. Further, they even launch a webview controlled by the attacker. Notably, these vulnerabilities have only been affecting Galaxy phones running Android 12, while Android 13 supported phones are safe.

Hence, to fix these bugs, Samsung has rolled out an updated version of the Galaxy Store app (version 4.5.49.8). Users can head to the Galaxy Store settings on their phones, and download and install the latest version of the app. Samsung has rated the abovementioned vulnerabilities as Moderate risks.

The Galaxy Store was reported to distribute malicious apps asking for excessive permissions, including access to the phone, earlier as well. In December 2021, different Showbox movie piracy app clones available on Galaxy Store were spotted infecting devices with malware. Tipster Max Weinbach reported a similar type of issue that was previously discovered on Huawei phones. He shared that the Showbox-based app installations from the Galaxy store were stopped by Google’s Play Protect warning. At least five of the Showbox-based apps were infected with dangerous malware. 

 


Affiliate links may be automatically generated – see our ethics statement for details.

For the latest tech news and reviews, follow Gadgets 360 on Twitter, Facebook, and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel.


CoinDCX, Binance Start 2023 With Crypto Awareness Programme, Web3 Scholarship

Featured video of the day

Redmi Note 12 Pro+: All About the 200-Megapixel Camera



Check out our Latest News and Follow us at Facebook

Original Source

Similar Posts

Leave a Reply

Your email address will not be published. Required fields are marked *