About the previous few of months, Samsung was laser-concentrated on releasing the Android 13 update to its smartphones and tablets. For this reason, it delayed the launch of the December 2022 stability patch by a handful of days. Usually, it releases a month’s protection patch even ahead of the month commences, but that wasn’t the situation with the December 2022 security update.
Samsung released the December 2022 stability patch now, setting up with the Galaxy S20, Galaxy S20+, and the Galaxy S20 Extremely. More than the following couple weeks, the South Korean agency will launch the December patch to all its qualified smartphones and tablets. According to the company’s documentation, the most current protection patch involves fixes for 93 safety vulnerabilities. 67 of these vulnerabilities influence almost all Android gadgets, even though the relaxation are only found in Samsung’s Galaxy smartphones and tablets.
From the extensive record of vulnerabilities that are preset by Samsung’s December 2022 protection patch, 5 are marked as vital, though 63 vulnerabilities have been termed as ‘high’ precedence. Twelve vulnerabilities from the record are marked as ‘moderate’ in Samsung’s every month security bulletin.
Most of these vulnerabilities affect Samsung smartphones and tablets functioning Android 10, Android 11, and Android 12, although some vulnerabilities are current in Galaxy products operating Android 13. Some of the vulnerabilities described by Samsung include things like incorrect entry to messages, the capacity to initiate phone calls, the Options application, and IMEI and other details (in telephones with Exynos chips). Some products with Exynos chips also authorized a distant attacker to disable network website traffic encryption.
Galaxy telephones and tablets operating Android 13 had been also influenced by a safety loophole in RCS (Loaded Communications Process) that allows attackers to obtain an incoming call’s phone quantity. 1 of these vulnerabilities was also existing in Samsung’s decoding library for video thumbnails, allowing attackers to accomplish an Out-Of-Bounds Publish procedure. A further vulnerability allowed an attacker to accessibility the contents of toast notifications in the Secure Folder by using the Nice Capture application.
The other vulnerabilities that were preset by Samsung’s new security patch involve kernel facts accessibility in devices with Qualcomm chips, improper obtain to knowledge in the Contacts application, and the capability to entry data from the Cellular phone application via implicit intent. Samsung promises that all these bugs have been appropriately fixed. You can browse a lot more about these vulnerabilities on Google’s and Samsung’s stability bulletin internet sites.