New Delhi: Over 600 million Samsung mobile device users have been reportedly affected by a significant security risk on leading Samsung models, including the recently released Galaxy S6.
According to NowSecure, the risk comes from a pre-installed keyboard that allows an attacker to remotely execute code as a privileged (system) user.
Uncovered by NowSecure mobile security researcher Ryan Welton, Samsung was notified in December of 2014. Given the magnitude of the issue, NowSecure notified CERT who assigned CVE-2015-2865, and also informed the Google Android security team.
If the flaw in the keyboard is exploited, an attacker could remotely access sensors and resources like GPS, camera and microphone. They can also secretly install malicious apps without the user knowing.
The attackers can also eavesdrop on incoming/outgoing messages or voice calls and attempt to access sensitive personal data like pictures and text messages.
Photos: Abhishek Bachchan and Farah Khan at Boman Irani's birthday bash
Spotted: Shah Rukh Khan at Morani's bungalow in Mumbai
Spotted: Sonam Kapoor and sister Rhea at Mumbai airport
Photos: Ranveer Singh, Vaani Kapoor get 'Befikre' on 'Super Dancer'
In pictures: 12 child artistes who turned into beautiful divas