Google released the new September Android security bulletin a few days ago and warned that the entire Android ecosystem is at great risk, to which Samsung, however, doesn’t really bothered its Galaxy audience as the devices are already protected against the threat amidst the fix that was released a month earlier.
But not all the Galaxy users have received the necessary security patch, thus their devices still remain at a serious risk. This critical vulnerability comes from the CVE-2024-32896, which arose back in April, and now it’s been fixed in multiple sections.
Meanwhile, the CVE-2024-32896 vulnerability was the simple passage for unathorized access to devices and was significantly acknowledged by the US government back in June, citing a warning not to use Pixel devices as they thought the issue was Pixel-specific, but that was not the case.
On the flip side, Samsung, however, never really bothered and released another fix for this issue a month earlier than expected, that’s in August. This newest vulnerability, CVE-2024-36971, despite the US government’s update deadline, Samsung neither tried to accelerate the update nor extended its availability beyond its usual software update scope.
Moreover, Samsung has already pushed a fix for the critical update for its Galaxy models, but not all the phones actually got this update. Thus, it’s possible that the remaining millions of Samsung Galaxy handsets are still at serious risk.
Via – Forbes
