Samsung Galaxy S7 flaw shows the importance of maintaining software updates

Millions of Samsung Galaxy S7 smartphones are vulnerable to hackers.

1811: Archduke John of Austria founded Graz University of Technology.

March 2016: Galaxy releases the Samsung S7.

August 2018: Researchers from Graz University of Technology claim to have found a way to exploit Meltdown, a security vulnerability uncovered earlier this year, in the Galaxy S7.

According to Reuters, the researchers are revealing the details of their findings at the Black Hat security conference in Las Vegas.

One of the researchers, Michael Schwarz, told Reuters: “There are potentially even more phones affected that we don’t know about yet. There are potentially hundreds of millions of phones out there that are affected by Meltdown and may not be patched because the vendors themselves do not know.”

The Meltdown security vulnerability allows rogue processors to read all affected memory, with, or without, permission.

When the vulnerability was first uncovered it was thought to affect Intel x86 microprocessors, IBM POWER processors, and some ARM-based microprocessors, however, Samsung Galaxy phones were initially considered immune.

A statement from Samsung said: “Samsung takes security very seriously and our products and services are designed with security as a priority.”

A fix, or at least a way to significantly reduce vulnerability to the flaw, is to ensure that your phone’s operating system is up to date. The latest revelations highlight the importance of downloading the latest software updates as they come in.

For organisations, trying to comply with GDPR, the lesson is clear. Over and over again we hear that vulnerability to breaches often resides with staff not following procedures. Having a procedure in place that all staff maintain their devices with the latest updates is not enough. Organisations need to ensure the procedures are followed through.

PrivSec Conferences will bring together leading speakers and experts from privacy and security to deliver compelling content via solo presentations, panel discussions, debates, roundtables and workshops.

For more information on upcoming events, visit the website.

We have been awarded the number 1 GDPR Blog in 2019 by Feedspot.