highlights
Hackers are trying to take advantage of security flaws.
The government asked users to update their mobile phones immediately.
Cyber criminals can also hack phones.
New Delhi. Smartphones are now being used not only for calls and messages but also for many other purposes. Hackers always keep an eye on mobile phones which have become an important part of our lives. Now the government has issued a warning regarding some smartphones made by the famous mobile manufacturer Samsung. CERT-In, the nodal agency working under the Ministry of Electronics and Information Technology, has said that hackers can hack users’ phones by taking advantage of the flaws present in Samsung smartphones which are currently running on Android 11, 12, 13 or 14 version. And can steal their data.
The alert issued by CERT-In is of high-risk warning category. Taking this warning lightly would mean shooting yourself in the foot. Therefore, if you are also using Samsung handsets which run on Android version 11 to 14, then you should update your smartphone immediately. Samsung Galaxy S23 series, Galaxy Flip 5, Galaxy Fold 5 are among those Samsung smartphones that run on Android 11, 12, 13 and 14.
What are the flaws?
CERT-In has said in its advisory that these Samsung phones have security problems due to lack of proper access control in Knox features, facial recognition software flaw, authorization problem in AR Emoji app and other issues. These vulnerabilities could allow hackers to “trigger heap overflows and stack-based buffer overflows.” Not only this, hackers can also access users’ SIM PIN, send broadcasts, access AR Emoji app data and can also access many other sensitive information in users’ phones.
What should users do?
According to CERT-In, Samsung phone users of Android 11, 12, 13 and 14 versions should apply the appropriate security updates as mentioned in the advisory of the phone manufacturer. This week, CERT-In warned about several vulnerabilities in browsers like Google Chrome and Microsoft Edge (Chromium-based) for desktop, as well as Schneider Electric and Microsoft products. The Chrome versions at risk are before 120.0.6099.62 for Linux and Mac, and before 120.0.6099.62/.63 for Windows.