1 year ago
110
Samsung has released a Galaxy Store app update to fix vulnerabilities that could potentially allow malicious sources to install apps without a user's permission. Two vulnerabilities were reportedly detected on the Galaxy Store by a research team. These vulnerabilities have only been affecting handsets running Android 12 or lower. Android 13 users are not affected by this. Users can open the Galaxy Store on their phones, and download and install the latest Galaxy Store app version 4.5.49.8.
According to a report by NCC research team, the Galaxy Store app, which comes pre-installed on Galaxy smartphones, has been detected with two security vulnerabilities CVE-2023-21433 and CVE-2023-21434. The vulnerabilities allow hackers to install malicious apps on vulnerable Samsung handsets without the owner's permission as well as execute JavaScript by launching a Web page.
The report shares that a pre-installed rouge application or malicious hyperlink in Google Chrome on Galaxy phones running Android 12 bypass Samsung's URL filter and install any application available on the Galaxy Store. Further, they even launch a webview controlled by the attacker. Notably, these vulnerabilities have only been affecting Galaxy phones running Android 12, while Android 13 supported phones are safe.
Hence, to fix these bugs, Samsung has rolled out an updated version of the Galaxy Store app (version 4.5.49.8). Users can head to the Galaxy Store settings on their phones, and download and install the latest version of the app. Samsung has rated the abovementioned vulnerabilities as Moderate risks.
The Galaxy Store was reported to distribute malicious apps asking for excessive permissions, including access to the phone, earlier as well. In December 2021, different Showbox movie piracy app clones available on Galaxy Store were spotted infecting devices with malware. Tipster Max Weinbach reported a similar type of issue that was previously discovered on Huawei phones. He shared that the Showbox-based app installations from the Galaxy store were stopped by Google's Play Protect warning. At least five of the Showbox-based apps were infected with dangerous malware.
Affiliate links may be automatically generated - see our ethics statement for details.
For the latest tech news and reviews, follow Gadgets 360 on Twitter, Facebook, and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel.
Himani Jha is a Sub Editor at Gadgets 360, writing on technology news related to smartphones, laptops, earphones, and other popular categories. She has been writing for two years, and loves to explore new tech. When not tinkering with the coolest smartphones, you will find her vibing to evergreen songs and sipping on great coffee. Reach out to her at [email protected]. More
Featured video of the day
Monetise YouTube Shorts Soon - Watch to Know How
English (US)