Samsung Galaxy S7 flaw shows the importance of maintaining software updates

Millions of Samsung Galaxy S7 smartphones are vulnerable to hackers.

1811: Archduke John of Austria founded Graz University of Technology.

March 2016: Galaxy releases the Samsung S7.

August 2018: Researchers from Graz University of Technology claim to have found a way to exploit Meltdown, a security vulnerability uncovered earlier this year, in the Galaxy S7.

According to Reuters, the researchers are revealing the details of their findings at the Black Hat security conference in Las Vegas.

One of the researchers, Michael Schwarz, told Reuters: “There are potentially even more phones affected that we don’t know about yet. There are potentially hundreds of millions of phones out there that are affected by Meltdown and may not be patched because the vendors themselves do not know.”

The Meltdown security vulnerability allows rogue processors to read all affected memory, with, or without, permission.

When the vulnerability was first uncovered it was thought to affect Intel x86 microprocessors, IBM POWER processors, and some ARM-based microprocessors, however, Samsung Galaxy phones were initially considered immune.

A statement from Samsung said: “Samsung takes security very seriously and our products and services are designed with security as a priority.”

A fix, or at least a way to significantly reduce vulnerability to the flaw, is to ensure that your phone’s operating system is up to date. The latest revelations highlight the importance of downloading the latest software updates as they come in.

For organisations, trying to comply with GDPR, the lesson is clear. Over and over again we hear that vulnerability to breaches often resides with staff not following procedures. Having a procedure in place that all staff maintain their devices with the latest updates is not enough. Organisations need to ensure the procedures are followed through.

European Data Protection Summit will take place on June 3rd in Central London and will play host to 800 DPO’s, Security Professionals and senior business decision makers looking for; information, updates, clarity, advice and solutions. For more information, visit the website.

We have been awarded the number 1 GDPR Blog in 2019 by Feedspot.